five-year it roadmap - colorado.gov five year... · mipc vs. cisco discussion . network ... mipc...

Aligning business goals with technology forecasts

October 2015

Five-Year IT Roadmap Enterprise Summary

Enterprise Financial Overview Enterprise IT Event Timeline Agency IT Event Timeline: Infrastructure Services Agency IT Event Timeline: Business Applications Agency IT Event Timeline: Internal Tools

Table of Contents

2

Agency FY16 FY17 FY18 FY19 FY20

CDA $109,430 $105,746 $542,491 $47,038 $47,138

CDHS $6,503,637 $9,835,692 $23,177,763 $6,050,970 $2,702,970

CDOT $0 $244,634 $243,842 $0 $0

CDLE $0 $119,548 $6,099,026 $10,723,507 $23,507

CDPHE $10,394,630 $8,540,056 $9,927,974 $9,927,974 $9,927,974

CDPS $121,200 $719,499 $15,300,000 $196,000 $16,000,000

DMVA $10,000 $82,873 $5,790 $42,000 $6,000

DNR $1,485,650 $1,145,117 $776,601 $494,400 $468,750

DOC $194,526 $1,849,063 $12,352,920 $1,392,460 $1,405,960

DOLA $135,163 $39,431 $41,203 $26,820 $26,820

Enterprise Financial Overview

Below is a summary or the estimated unfunded components of OIT’s customer agencies for the next five years. These unfunded lines represent the growthing technology dept that the state faces. Please refer to the individual agency 5 Year IT Roadmap for detailed funding breakdown. Cells which include individual events costing $500,000 or more are notated in bold.

Agency FY16 FY17 FY18 FY19 FY20

DOR $6,000 $2,744,795 $2,180,338 $1,362,415 $484,815

DORA $0 $61,314 $1,523,256 $268,137 $268,137

DPA $0 $50,725 $115,864 $83,554 $84,360

GOVS $85,000 $148,424 $150,239 $37,600 $17,700

HC $103,739 $315,405 $830,822 $175,823 $201,323

HCPF $20,000 $821,745 $588,913 $519,000 519,000

OIT $0 $17,502,369 $18,376,182 $13,624,717 $13,319,717

Total $19,168,975 $44,326,436 $92,233,224 $44,972,415 $45,504,171

Enterprise Financial Overview

Below is a summary or the estimated unfunded components of OIT’s customer agencies for the next five years. These unfunded lines represent the growthing technology dept that the state faces. Please refer to the individual agency 5 Year IT Roadmap for detailed funding breakdown. Cells which include individual events costing $500,000 or more are notated in bold.

Statewide Initiative Roadmap

FY16 FY17 FY18 FY19 FY20

Bu

sin

ess

Ap

ps

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols

Below is a timeline which represents OIT’s highest impact statewide initiatives. Some events may not coincide directly with every agency; this enterprise outlook is intended to provide context in comparing individual agency timelines with the overall state IT strategies.

2-Factor Authentication

Active Directory Integration

Backup Colorado

Enterprise Wireless

Enterprise Firewall Solution (Palo Alto)

Remote Access (eVPN)

24 x 7 Service Desk

Telecommunications Refresh

MyColorado Stragic Planning

Identity Management (Secure Colorado Part B)

CORE

HRIS

Infrastructure Refresh

Advanced Security Analytics/ Threat Discovery (Secure Colorado

Part A)

Network/ Database Monitoring Implimentation (SolarWinds)

Windows 10 Migration

Endpoint Management (SCCM)

Single Sign-On

MyColorado Implimentation

Enterprise Security Logging

Endpoint Encryption

5


CD

A

Infr

astr

uct

ure

Ser

vic

es

CD

HS

IT Timeline: Infrastructure Services

Desktop Refresh @ 25%

Cisco SmartNet Maintenance

Grants Management


Network Equipment Refresh

SQL Server 2012

CD

LE

Server/Storage Refresh Planning

DVR Infrastructure

Integration

Server/Storage Refresh

Refresh Perimeter Firewalls

Deskside Hardware refresh (4 yr cycle) / Software refresh as needed for compliance

CD

OT

Review Phone/MIPC Options

Eval of Azure Evolution of Cloud Services

DO

RA

Review Phone/MIPC Options Internal Vulnerability

Scan Automation

Infrastructure Services include hardware, software, voice, network, and storage components.


Infr

astr

uct

ure

Ser

vic

es

DO

C

10Gb Circuit between DOC HQ & eForte data center for System Redundancy

Barracuda Upgrade (Offender

Network)

DTR Radio Refresh

Cisco Network Refresh (6- yr cycle)

WYSE Virtualization (Offender Labs)

Voice Circuits – Century Link

Colorado State Network – CenturyLink

Desktop & Laptop Computer Refresh

Application Xtender / WebXtender (DOC document scanning, storage and access)

OIT

[DT

RS

]

Tower site rectifier

replacement Phase 1

Replace M/W towers phase 2/3

DHSEM CC request, 8 new DTRS sites per year

DHSEM CC request, Zone Controller

Addition

GTR Transmitter Replacement

DTRS System version upgrade

Microwave System Replacement

Greeley CDOT Tower Relocation

Tower site rectifier replacement Phase 2

Pueblo Shop Relocation - CDOT

Montrose CSP/equipment room

construction DTB Arkansas St, purchase from CDOT

Propane Tank Replacement



Infr

astr

uct

ure

Ser

vic

es

CD

PH

E

Employee Wireless & Guest Wireless (Related to decommission of Direct Access)

VoIP Phone System Upgrade @ Main Campus

VoIP Phone System Upgrade @ Lab Cisco Prime Network Monitoring:

Maintain to Realize Prior Investment

Convert Main Campus Server Room into Workstation Imaging and Active

Storage Space

Network Redundancy to accommodate Remote Data Centers

Create Physical Servers, as needed to support main campus

Move Remaining Servers from CDPHE Main Campus to Vblock at eFORT

Move servers and Storage from CDPHE equipment at E-Fort to

vBlock at eFORT

Environmental Alarms in A2 Server Room and Network Closets

Research Insurance Coverage for Damaged IT Equipment

Improve Cooling of IT Equipment

Spaces

Cubicle Furniture Replacement A2 IT

Replace Cabling to Workstations


Dedicated Network Line from CDPHE Main Campus to 6th and Kipling for Disaster Recovery

10GB Dedicated Network Line from CDPHE Main Campus to E-Fort as a result of Data Center Consolidation

Disaster Recovery (DR) Plans and supporting infrastructure for Essential and Critical Applications

Wireless network in Grand Junction Office

Phone System changes in Grand Junction

Workstation Annual Refresh ¼ of total workstation equipment each year (desktop / laptop, mobile, WiFi, printers, scanners, projectors, plotters, MS Office and a variety of semi-standard software like Adobe pro, Visio, etc...)

Desk Phone Annual Refresh ⅙ of total equipment each year (VOIP Desk Phones)

Server Infrastructure Refresh ⅕ of total equipment each year *2 (CDPHE, E-Fort and eventually 6th and Kipling as well)

Network Equipment Infrastructure Refresh ⅕ of total equipment each year *2 (CDPHE and E-Fort, Eventually 6th and Kipling as well)

CIS Hardening


Bu

sin

ess

Ap

pli

cati

on

s

CD

PH

E

Disaster Recovery - Dedicated Network Line from CDPHE

Main Campus to 6th and Kipling

10GB Dedicated Network Line from

CDPHE Main Campus to E-Fort as a result

of Data Center Consolidation

Wireless Network -

Grand Junction

Phone System changes - Grand

Junction

Workstation Annual Refresh (25% of total workstation equipment each year)

Desk Phone Annual Refresh (17% annually- VOIP Desk Phones)

Server Infrastructure Refresh (20% annually) *2

Network Equipment Infrastructure Refresh (20% annually) *2

CIS Hardening

Replace Network Cables on main campus and Upgrade Patch Panel Cabling in Network Closets

Retire CDPHE’s Instance of Virtual Desktop Infrastructure (VDI)

Universal Access Gateway (UAG) Employee Portal - Upgrade

Disaster Recovery Planning


VMWare


Infr

astr

uct

ure

Ser

vic

es

DO

R UCS Refresh

Software Upgrades (Microsoft, MSSQL Oracle, RedHat / Linux, CommVault)

DOR Desktop Printer, Workstation Refresh, CSTARS - 4-year Refresh

Storage Encryption

Server Tumbleweed Replacement

Network Refresh, DLO and Gaming

Bandwidth Upgrades: Kipling,

e-Fort

Nortel Legacy PBX Replace-EOL (MIPC change request)

Tape Drive Refresh

Network Refresh: Kipling, e-Fort

(ASR)

Network Refresh:

Marijuana, Enforcement,

Racetrack, Pierce, Annex


(Nexus)



CD

PS

Bu

sin

ess

Ap

pli

cati

on

s

DO

C

DN

R

Kipling Campus/EOC Network Refresh

E-Fort Network Refresh

Blade Server/SAN Refresh

Document Management System Conversation (Laserfiche Replacement)

CommVault

Hosted Support for VOIP System

PC Refresh @ 25%

MIPC vs. CISCO discussion


Data Center Relocation

MIPC Phone System for new Headquarters

Legacy/Telephony Avaya

Vblock Hardware

Palo Alto Firewall

DO

LA

CCLAN (Edge)

Redundant Router

Grants Management

PC Refresh @ 25%

MIPC

Network Equipment

Refresh

Network Equipment

Refresh



UI Modernization OPS Application Modernization

Workers Comp Modernization Connecting Colorado

Modernization

Non Major Application Roadmap eComp Modernization

Non-Major Application Modernizations

Application Modernization

Decommission Legacy DMV Apps

Decommission CSTARS/Informix

Decommission DLS/Adabase

Collections System Replacement (CUBS)

Program/Cash Mgmt (Aurigo)

Enterprise Case Management (SF)

Enterprise Inspections Solution (SF)

Kronos

CD

LE

IT Timeline: Business Applications

Salesforce

CD

A

Bu

sin

ess

Ap

pli

cati

on

s

Business Applications are those large customer-facing software programs that support the business.

DP

A

CD

OT

D

OR

A

IT Timeline: Business Applications


Bu

sin

ess

Ap

pli

cati

on

s

OIT

Automic

Application Release Management

HP Functional Test Automation

HC

PF

Customer Call Center Applications (SF)

Benefits Utilization

System (BUS)

Division of Developmental

Disabilities (DDD Web)

APMS


CD

OT

Inte

rnal

To

ols

DO

C

CD

PH

E

CD

HS

Bluelance LT Auditor

HRIS/ SAP Success Factors

SAP /CORE Evolution

IP Address / Subnet revamp

IT Asset Management (ITAM) with SCCM for Data Discovery FY17 or FY18

Wireless Monitoring

(I.S.E)

Grants Management

IT Timeline: Internal Tools

Internal tools are defined as software that enable functionality for business applications and systems.

Enterprise Summary

Five-Year IT Roadmap

Aligning business goals with technology forecasts October 2015

Governor’s Office


Roadmap Goals Assumptions Aligning Technology with Business Objectives Business Objectives Top Initiatives IT Roadmap Overview Financial Overview Glossary Appendix A: Statewide Initiative Roadmap Appendix B: Unfunded Event Breakdown

Table of Contents

2

A strategic plan allows alignment of technology evolution with business requirements and programs. To this end, discrete goals for this strategic plan are to:

Roadmap Goals

Define technology targets for equipment acquisition

and refresh

Regular refresh cycles aligned with OIT

enterprise standards

Use vendor data to understand product lifecycle issues

Let technology goals drive vendor

selection

Establish a five year planning horizon

Leverage the 18 month product horizon

provided by vendors

Use technology trends to set directions beyond 18 months

Align technologies across departments

Understand dependencies between network, server, database, development,

and desktop groups

Jointly plan technology changes and upgrades

Better understand funding needs

Provide a longer-term budget planning

horizon

Reduce fragmented funding requests

• This roadmap functions as a living document which will be updated twice per

year. This initial document serves as a baseline; timelines and costs estimates are subject to change.

• Major agency project decisions may alter this plan (e.g., equipment and infrastructure refreshes).

• Infrastructure and security needs will be maintained for FTI/HIPAA/PII/FBI compliance.

• Cost estimates are based on initial quote, vendor information and/or past initiatives and are subject to change.

• For Decision Items, cost allocation to customer is based on OIT’s current Common Policy rates.

• Enterprise or Support Agreement is currently not in place for Microsoft; therefore, cost is incurred for upgrades and support of infrastructure and end user equipment.

• The Governor’s Office and OIT will continue to assess the inventory of applications for new development/upgrades/replacements/consolidation and/or retirements and will adjust this planning document accordingly.

• The Governor’s Office is executing on a four year lifecycle for desktops and three years for laptops.

• The Governor’s Office Five Year IT Roadmap includes the information for the Governor’s Office proper as well as the Colorado Energy and Office of Economic Development and International Trade.

• Staffing remains constant.

• Certain projects and initiatives are dependent upon the approval and/or completion of preceding initiatives.

Assumptions

4

Aligning Technology with Business Objectives

Promoting collaboration, innovation and efficiency to serve the greatest good for the people and state of Colorado.

● Improving quality and reliability of service

○ Replace aging systems with updated and more functional tools ○ Support new technical platforms such as mobile applications and customer self-

service

● Reducing cost of service ○ Leverage best practices and standards to deliver consistent and cost effective

solutions ○ Introduce new technologies to reduce ongoing support cost ○ Utilize enterprise solutions to reduce cost associated with redundant licensing and

applications

● Minimizing downtime or disruption for maintenance or upgrades ○ Unify technology changes and maintenance ○ Coordinate deployments, moves and changes

● Driving technology-related statutory responsibility and institutional mandates

○ Secure state data and assets ○ Implement data management governance

Supporting Business Objectives

5

Technology lifecycles are much shorter than the Governor’s Office business cycle; therefore, planning technology changes to fit business initiatives is one way to help improve business.

The mission of The Governor’s Office is a healthy Colorado: Our people, our economy, our communities and our environment. This page highlights the prioritized objectives that the Governor’s Office identified in their annual performance plan that will have the greatest impact in achieving their mission.

Business Objectives

#1- Make Colorado the Healthiest State

#2- Make Colorado the Best Place to Start and Grow a New Business

Behavioral Health:

Physical Health:

Health Systems:

• Be the most connected state by ensuring all residents and business have access to affordable basic broadband and have the highest broadband capacity per capita • Promote entrepreneurship and business growth by streamlining regulations and making government business services and requirements easier to navigate • Increase travel time reliability in three corridors: I-25 (from north E-470 to south C-470); I-70 (from Vail to C-470); US 36

#3- Grow the Middle Class by Helping People Connect to Careers

• Close the attainment gap • Align resources and improve access to information within the workforce ecosystem to best meet customer’s (employers, job seekers, students) needs • Increase job placement rate, continued employment and wage growth in our programs

6

• Reduce substance use disorder • Reduce impact on daily life from mental illness

• Reduce obesity rate • Increase Immunization rate

• Improve health care insurance coverage • Improve efficiency of publicly funded health care service delivery

Business Objectives

#4- Drive Conservation with a Purpose and Ensure Smart Resource Management

• Ensure air and water quality are improved and protected by reducing air and water pollution • Enhance land stewardship through increased conservation • increase recreational usage of state land • Ensure a sustainable water future • Continue to be the leader in community-sensitive and environmentally responsible energy

development

7

In summer 2014, Colorado’s Executive Branch and the General Assembly partnered with the Pew-MacArthur Results First Initiative to implement Results First in Colorado. The Colorado Results First team is currently implementing this initiative in the adult criminal justice, juvenile justice, and child welfare policy areas. At the core of the Results First approach is a cost-benefit analysis model. Based on a model first developed by the Washington State Institute for Public Policy, it incorporates national research on program effectiveness and allows that national data to be analyzed in conjunction with Colorado-specific data. Once operational, the model will help our state:

Top IT Initiatives

Below are a few high priority Governor’s Office(s) technical initiatives that will be launched over the next five years. Timelines for these initiatives are represented on the IT Roadmap Overview.

Colorado Results First

8

• Systematically identify the success of state programs with a return on investment focus • Analyze programs based on their projected benefits, costs, and investment risks • Provide advice for policymakers on programs that could be targeted for additional funding or potential cuts based on effectiveness • Predict the impact of different policy options

In 2013, the Office of Information Technology (OIT) worked with vendor Deloitte to procure an enterprise-level application to track and conduct impact analysis on proposed legislation and create documentation needed to support this analysis in the form of technical and fiscal notes. The application, called the Legislative Tracking System (LTS), was built using the Salesforce platform using requirements provided by the Department of Corrections and the Department of Revenue. While using the application during legislative session over the past two years, the agencies discovered a number of opportunities for improvement. For a version 2.0 release, OIT hopes to incorporate these improvements and lessons learned from the first implementation. A significant part of the version 2.0 release will be a variation on the agencies’ standard use of the application. It will focus on building and configuring the functionality that enables the Governor’s Office of State Planning and Budget (OSPB) to use the application to conduct the same analysis being conducted for proposed legislation to facilitate the creation of official position statements on the legislation from each division in their office (Legal, Budget, Policy, Legislative) and to create a Governor’s Memo listing the respective positions and recommendations of each. In addition, version 2.0 will be configured to accommodate the needs of several agencies new to the use of the application. Finally, the current version of LTS imports data on upcoming proposed legislation from Circuit Media for a cost. However, Circuit Media obtains this data from the Colorado Legislative Council’s website at no cost, converting it into an XML format and making it available by subscription. For this application upgrade, OIT and the Legislative Council hope to work together to eliminate the middle step and integrate the Legislative Council’s data directly into LTS for a seamless, regularly-updating feed.

Top IT Initiatives

Legislative Tracking

9

The Enterprise Zone (EZ) Admin application supports the Colorado Enterprise Zone Tax Credit business process. Through this process, businesses are able to pre-certify for qualification for the Enterprise Zone tax credit. With this pre-certification, businesses can make strategic decisions that increase the amount of the tax credit, such as sponsoring health insurance for employees or raising their research and development budgets. Businesses can complete the certification to receive the tax credits during a subsequent process also contained within the EZ Admin application. This application uses the Salesforce Partner Portal License to provide EZ admin users with the basic portal interface required to take applications from the public, manage and then approve those applications. Salesforce retired the Partner Portal in 2013 and replaced it with Communities, and a variety of new functionality was introduced. OEDIT seeks to upgrade from the Partner Portal to Communities using the Partner Community License in order to benefit from the following functionalities:

A project is currently underway to re-designate the State Enterprise Zones. Location within Enterprise Zones is the primary qualifying criteria for businesses to receive tax credits for their support of economic development in distressed areas. The outcome of this project will be a digital map of the new Enterprise Zones and will be referenced by Salesforce to determine if businesses receive precertification and later certification as residing within an Enterprise Zone.

Top IT Initiatives

Enterprise Zone Administration Application GIS Integration (OEDIT)

Enterprise Zone Administration Application Upgrades (OEDIT)

10

• Application review is facilitated/automated through ArcGIS lookup

** OIT - Project in-take in process

• Search function to replace downloads of Excel reports. EZ Administrators have no easy way to locate a Pre-Certification or Certification number other than to sort, or export to Excel and use Excel’s properties. • Chatter feed for collaboration, posting comments, asking questions, uploading files. OEDIT would have a repository of EZ Administrative procedures and reference materials easily accessible. • Access to Salesforce1 to enable work via mobile interface

** OIT - Bid in process

Top IT Initiatives

Energy Performance Contracting Database System (CEO)

Provide a platform for managing and reporting out on a growing portfolio of projects in several program areas: energy performance contracting, residential energy efficiency, K-12 and other energy efficiency programs. Number of initial users is eight within CEO program teams.

There will be several users (external to CEO) provided limited access to data and asked to import or upload documents. For instance, energy performance contracting has 15 outside firms that provide services to program clients. They have (1) draft and final versions of reports and contracts that could be uploaded, and (2) year-end reporting requirements that could be fulfilled online. Other CEO program managers will have external users also.

**OIT - Awaiting final agency approval

11

Weatherization Application Modernization (CEO)

Weatherization Program Overview

The Colorado Energy Office Weatherization Assistance Program (“CEO Wx”) provides weatherization services to residential, low income clients throughout Colorado. These services are aimed to make clients’ homes more energy efficient, consequently saving the clients money on their energy bills. While CEO Wx staff manage the program, CEO Wx contracts with eight subcontractors who perform the actual weatherization work. Weatherization work is done on client homes, or “units”. Each unit receives a certain number of energy conservation and health/safety measures based on the cost effectiveness of the measure for the particular unit.

Database Overview

The CEO Wx Program requires a database to collect information about the clients and units that receive weatherization measures. This information is then used by CEO Wx staff, subcontractor staff, and program partner staff to create reports. These reports are used for a variety of purposes including financial reporting, program analysis, and forecasting. The database will be accessed within state offices by CEO Wx and CDHS partner staff. The database will also be accessed remotely primarily by subcontractor staff and occasionally by CEO Wx staff.

IT Roadmap Overview FY16 FY17 FY18 FY19 FY20

* Enterprise event/initiative; see Enterprise Roadmap Overview in Appendix 1 Unfunded: see Financial Overview in Appendix 2 OIT initiative that still needs to be planned with the agency 3 OEDIT Event 4 CEO Event

Init

iati

ves

Bu

s.

Ap

ps

In

fras

tru

ctu

re S

erv

ices

T

oo

ls

Bu

sin

ess

Init

iati

ves

Two Factor Authentication*

Active Directory Integration*

Windows 10 Migration*

GIS Coordination4

Enterprise Zone Admin Application Upgrades3

Enterprise Wireless*1

Phone Modernization

(MIPC)

Energy Performance Contracting Database System4

Endpoint Encryption*

MyColorado Strategic Planning*2

Remote Access (eVPN)*

Legislative Tracking

Identity Management (Secure Colorado Part B)*1

Advanced Security Analytics/ Threat Discovery (Secure Colorado Part A)*1

12

Tec

hn

olo

gy

Ev

ents

Colorado Results First

Weatherization App Modernization4

Enterprise Zone Admin App GIS Integration3

Cisco Network Equipment

Service Desk 24X7*


Backup Colorado Phase II*

Infrastructure Refresh*

Financial Overview

Unfunded Technology Risk

Applications - - - - -

Tools - $2,400 $2,500 $2,600 $2,700

Infrastructure Services $85,000 $135,000 $135,000 $35,000 $15,000

OIT Pending FY17 Decision Items - $11,024 $12,739 TBD TBD

Total Unfunded* $85,000 $148,424 $150,239 $37,600 $17,700

● Technology debt and long-term cost ● Security vulnerabilities ● Maintenance

● Outdated technology ● Business goal impact ● Reactive issue resolution

Below is a summary of the estimated unfunded components of the Governor’s Offices IT Roadmap. Detailed breakdown can be found in Appendix B.

UNFUNDED FY16 FY17 FY18 FY19 FY20

13

Governor’s Offices Unfunded Technology Outlook

* For context, FY14 total IT spend for the Governor’s Office was $93,493,130 1No supplementals have been requested; this total represents the technology debt that the Governor’s Office is acquiring in FY16

Glossary & Acronyms

Two-Factor Authentication

Two-factor authentication adds a second level of authentication to an account log-in. The second level may be something you know (like a PIN), something you have (like an ATM card), or something you are (like a fingerprint). By choosing two different channels of authentication, user logins are protected from remote attacks that may exploit stolen credentials.

Active Directory This Identity Management solution will help streamline management of identity for creation, modification or deletion. Dell One Identity Manager has been selected as the solution of choice and is in the early project stages. This project was an OIT FY16 decision item that is billed back to the agencies based on server inventory.

Advanced Security Analytics/ Threat Discovery (Secure Colorado Part A)

Secure Colorado is OIT’s statewide strategic security plan. OIT has requested $1,000,000 beginning in FY17 and every year thereafter to improve security incident preparedness and intelligence with the use of a visualization tool and two FTE. This would heighten OIT’s ability to detect and respond to a breach.

Asset Discovery, Endpoint Mgmt (SCCM)

The Systems Center Configuration Manager allows administrators to manage large groups of Windows-based computer systems. SCCM helps Deskside administrators to provide their users with operating systems, applications, and updates virtually. Currently there are implementation efforts moving across seven agencies.

Backup Colorado Phase II

Backup Colorado Phase II will identify and implement a single backup and recovery solution for all critical applications supported by OIT. This project was an OIT FY16 decision item that is billed back to the agencies based on CSN circuits and servers being hosted and housed by OIT.

Common Policy Most of OIT’s services and functions are covered via Common Policy for a specific length of time. Common Policy bases costs on customers, services, and usage estimates at the start of a fiscal year. The actual usage and amount due are calculated during the fiscal year. Initiatives that are funded through Common Policy do not include agency level enhancements, support or maintenance after re-appropriated funds are depleted.

Endpoint Encryption Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. The most common form of encryption, called “symmetric key encryption” secures information in the transfer from one party to another; conversely, endpoint encryption secures data at rest. Data is unreadable to an attacker in the event that a device is lost or stolen.

14

Glossary & Acronyms

Enterprise Wireless

The Enterprise Wireless project will make secure wireless Internet accessible to all OIT customers. Implementing wireless Internet accessibility responds to the needs of our customers for a basic and expected business service. This project was an OIT FY16 decision item that is billed back to the agencies based on FTE.

Funded Funded items have a defined source of funding that has been approved and has a plan in place for completion.

FTI Federal Tax Information which the state is responsible for protecting.

HIPAA Health Insurance Portability & Accountability Act of 1996; which requires the state to protect patients’ medical information

HRIS The Human Resources Information System (HRIS) project is well underway and will allow State of Colorado agencies to have a consistent approach for common HR processes and to create a single source of truth that can be accessed by HR state employees with proper credentials.


Secure Colorado is OIT’s statewide strategic security plan. OIT has requested $1,235,922 for FY17 and $1,228,676 for FY18 to implement an identity management tool across the state that would allow OIT to detect and remove dangerous and costly orphaned accounts and expedite the new employee system provisioning process.

PII Personally Identifiable Information which the state is the responsible for protecting.

Network/ Database Monitoring Tool Implementation (SolarWinds)

SolarWinds is a system that monitors IT infrastructure such as networks and servers, and can identify performance problems that could affect user access to applications. SolarWinds can automatically respond in various ways, from simply notifying support staff via email or text message, to even initiating actions such as rebooting devices. OIT is currently deploying SolarWinds across all of our supported agencies. The initial deployment will monitor network segments and devices only, and eventually we will configure it to monitor servers and applications.

Unfunded Unfunded items are considered essential to the business but are currently lacking defined funding and do not have an approved decision item.


Enterprise Virtual Private Network is a statewide, central remote access solution that provides enhanced security, standardization, and maintenance efficiency.

Appendix A

Statewide Initiative Roadmap B

usi

nes

s A

pp

s

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols


Two Factor Authentication


Backup Colorado

Enterprise Wireless



24 x 7 Service Desk


MyColorado Strategic Planning


CORE

HRIS






Single Sign-On

MyColorado Implementation


Endpoint Encryption

16


Appendix B

Unfunded Event Breakdown

Event Type FY16 FY17 FY18 FY19 FY20

Below is an itemized summary of the estimated unfunded components of the Governor’s Office’s technology outlook.

Unfunded Infrastructure

Enterprise Wireless $50,000 $50,000 - -

MS OS and Office License Upgrades $20,000 $20,000 $20,000 $20,000 -

Video/Multi Media $15,000 $15,000 $15,000 $15,000 $15,000

Wiring Assessment/Upgrades $50,000 $50,000 $50,000 - -

Total Unfunded Infrastructure $85,000 $135,000 $135,000 $35,000 $15,000

17

Unfunded Tools

SolarWinds - $2,400 $2,500 $2,600 $2,700

Total Unfunded Tools $0 $2,400 $2,500 $2,600 $2,700

Appendix B


1Decision Item cost allocation is absorbed into Common Policy after the first two years; once absorbed into Common Policy, different and pending rates may apply.

18

Unfunded (Pending) Decision Items

Advanced Security Analytics/ Threat Discovery (Secure CO Part A)

- $4,930 $4,930 -1 -1

Identity Management (Secure CO Part B) - $6,094 $6,058 -1 -1

Enterprise Tools - - $1,751 -1 -1

Total Unfunded (Pending) Decision Items

$0 $11,024 $12,739 $0 $0

Total Unfunded Items $85,000 $148,424 $150,239 $37,600 $17,700


Governor’s Office



Office of Information Technology



Table of Contents

2


Roadmap Goals


and refresh





selection



provided by vendors




and desktop groups




horizon




• Major agency project decisions may alter this plan (e.g., equipment and infrastructure refreshes).

• Infrastructure and security needs will be maintained for FTI/HIPAA/PII/FBI/IRS/PCI compliance.



• Enterprise or support agreement is currently not in place for Microsoft; therefore, cost is incurred for upgrades and support of infrastructure and end user equipment.

• OIT will continue to assess the inventory of applications for needed new development/upgrades/replacements/consolidation and/or retirements and will adjust this planning document accordingly.

• OIT is executing on a four year lifecycle for desktops and three years for laptops.

• OIT is developing out the enterprise IP based services (video, phone, unified communications).



Assumptions

4


OIT collaborates with customers to provide day-to-day digital support and present smart solutions that transform government through IT. We push ourselves to deliver next generation, integrated technology in order to create a dynamic end user experience for Coloradans and offer the expertise our customers expect.



service



applications





5

Technology lifecycles are much shorter than the OIT business cycle; therefore, planning technology changes to fit OIT’s business initiatives is one way to help improve business.

The mission of OIT is to securely enable the effective, efficient and elegant delivery of government services through trusted partnerships and technology. This page highlights the overarching objectives that OIT identified in their annual performance plan that will have the biggest impact in achieving their mission.

Business Objectives

#1- Building on Basics with Cutting Edge Technology for our Customers

#2- Securing Colorado Through Innovation

15% increase in Service Excellence Rating by June 30, 2016; supporting OIT initiatives:

10% reduction in the state’s enterprise Risk Score by June 30, 2016; supporting OIT initiatives:

#3- Empowering, Engaging and Energizing Employees

4% increase in OIT’s Employee Engagement Score by June 30, 2016; supporting OIT initiatives:

6

• Agency Partnership and Project Leadership • Enabling Business Efficiency • Foster Data Transparency

• Develop an enterprise identity management system • Reduce privileged system access • Implement application security testing into the software development lifecycle

• Implement a Learning and Development Program across OIT • Enhance OIT culture by strengthening employee relations across geographical locations and providing staff with key materials in support of our mission to be a customer-focused organization #4- Strengthening Colorado’s Technology Landscape

1,000 additional technology jobs in Colorado by June 30, 2016; supporting OIT initiatives:

• Strengthen broadcast access and speeds across the state • Continue to lead Colorado’s participation in FirstNet, a federal effort to create a dedicated nationwide public safety broadband network

To provide the most optimal service to our customers, we are unifying our Service Desk team and expanding available hours of service. We are committed to providing comprehensive support through several channels such as self-service portal, phone, email, mobile, chat, and video so that our diverse customer groups can use their preferred method to interact and receive assistance. In the coming years, our customers will experience greater agility in support capabilities and a stronger knowledge-base among our staff.

To simplify how Coloradans interact with their government, OIT is exploring the creation of a single online point of access for state government services. This portal will streamline the public’s experience, saving time and confusion, as well as reduce costs related to infrastructure, duplicate information, and mailing. In the coming year, we will be working with the Governor’s Office and state agencies to develop this concept further.

Top IT Initiatives

Below are a few high priority OIT technical initiatives that are being undertaken over the next five years. Timelines for these initiatives are represented on the IT Roadmap Overview.

A State Government Service Portal for All (MyColorado)

Seamless Service Desk Delivery

7

As a service organization, it is critical that every employee at OIT approaches every task with the customer’s experience front and center. We serve the people who serve Colorado, and every function we carry out, from application development to project management, is about producing the most effective IT solution so that our customers and our state may thrive.

Customer Service Training for all OIT Employees

DTR Microwave Upgrade

The DTR Microwave System provides network connectivity for all communications towers and 911 dispatch centers utilizing the statewide DTR system. These towers provide 2-way mission critical voice communication to public safety first responders across the state. Some portions of the westbound microwave network were installed in 1969. The entire microwave system was last updated during the late 1980’s and early 1990’s. The system is antiquated and is no longer supported by the manufacturers and their vendors. The Public Safety Communications Network is no longer able to procure replacement and repair parts in order to sustain this mission critical system.

Top IT Initiatives

Enterprise Wireless Service

Enterprise wireless service will make secure wireless Internet accessible to all OIT customers. Implementing wireless Internet accessibility responds to the needs of our customers for a basic and expected business service. This project was an OIT FY!6 Decision Item.

8

Identity Management Suite

Quest One Identity Management will provide the Access Control team with a comprehensive tool to provide identity and access based on access roles, control, policy, workflows and attestations to meet security, efficiency and compliance objectives as well as control and audit administrative access with delegation.


* Enterprise event/initiative; see Appendix A: Statewide Initiative Roadmap 1 Unfunded: see Appendix B: Unfunded Event Breakdown for details 2 OIT initiative that still needs to be planned with the agency 3 Partially funded

Init

iati

ves

Bu

sin

ess

Ap

ps

T

oo

ls

Bu

sin

ess

Init

iati

ves


APMS

Automic

State Government Service Portal (MyColorado)*1


9

HP Functional Test Automation1

Application Release Management1

Tec

hn

olo

gy

Ev

ents

Eliminate Redundant

Applications

Launch HRIS

Strengthen Broadband

Implement DRIVES

Customer Service Training

Service Desk Delivery3

Develop Identity Management System

Promote Open Data through CIM

Create Offender Management System

Reduce Privileged System Access

Improve Service Management

Implement Learning and Development Program


* Enterprise event/initiative; see Appendix A: Statewide Initiative Roadmap 1 Unfunded: see Appendix B: Unfunded Event Breakdown for details 2 OIT initiative that still needs to be planned with the agency

DT

RS

Single Sign On*


Windows 2003 Migrate to 2012*




10

Tec

hn

olo

gy

Ev

ents

Tower Site Rectifier

Replacement Phase 1

Tower site rectifier

replacement Phase 21

DHSEM CC request, 8 new DTRS sites per year1

Enterprise Wireless*


Microsoft Enterprise Agreement

Cisco Network Refresh

Infr

astr

uct

ure

Ser

vic

es

Pueblo Shop relocation - CDOT1

Propane Tank Replacement

Replace M/W towers Phase 2/3 DHSEM CC request,

Zone Controller Addition1

DTB Arkansas St, Purchase from CDOT1

Montrose CSP/equipment room

construction1 Microwave System Replacement

DTRS System Version Upgrade Greeley CDOT Tower Relocation

GTR Transmitter Replacement

Financial Overview


Applications $0 $1,322,117 $932,117 $932,117 $627,117

Tools - - - - -

Infrastructure Services $0 $16,111,437 $17,372,600 $12,692,600 $12,692,600

OIT Pending FY17 Decision Items $0 $68,815 $71,405 TBD TBD

Total Unfunded* $0 $17,502,369 $18,376,182 $13,624,717 $13,319,717



Below is a summary of the estimated unfunded components of OIT’s technology roadmap. A detailed breakdown can be found in Appendix B.


11

OIT’s Unfunded Technology Outlook

* For context, OIT’s FY14 total IT spend was $156,869,212.

Glossary & Acronyms


Two-factor authentication adds a second level of authentication to an account log-in. The second level may be something you know (like a PIN), something you have (like an ATM card), or something you are (like a fingerprint). By choosing two different channels of authentication, user logins can be protected from remote attacks that may exploit stolen credentials.

Active Directory This Identity Management solution will help streamline management of identity for creation, modification or deletion. Dell One Identity Manager has been selected as the solution of choice and is in the early project stages. This project was an OIT FY16 Decision Item that is billed back to the agencies based on server inventory.


Secure Colorado is OIT’s statewide strategic security plan. OIT has requested $1 million beginning in FY17 and every year thereafter to improve security incident preparedness and intelligence with the use of a visualization tool and two FTE. This would heighten OIT’s ability to detect and respond to a breach.

APMS Application Portfolio Management System provides a documented and repeatable framework for improved and sustainable management of application lifecycle to ensure ongoing consolidation and the decommissioning process



Automic Automic's suite of automated solutions are helping OIT stay enterprise focused with salable solutions across many automation frontiers.


Backup Colorado Phase II will identify and implement a single backup and recovery solution for all critical applications supported by OIT. This project was an OIT FY16 Decision Item that is billed back to the agencies based on CSN circuits and servers being hosted and housed by OIT.

CIM Colorado Information Marketplace. As a convenient statewide central repository for open data, CIM not only advances data sharing between agencies and the public, but enables the public to access and use the data to create new tools and applications. The platform was an integral component of the Go Code Colorado initiative. In this statewide apps challenge, competitors used public data accessible from CIM to create mobile and online business applications that solve actual business problems.

12

Glossary & Acronyms


DRIVES Driver License, Record, Identification and Vehicle Enterprise Solution, or DRIVES, is the DMV modernization project for the driver's license and title and registration systems.

DTRS

Digital Trunked Radio System provides operability and interoperability between public safety agencies and emergency responders to 216 sites across the state and serves more than 1,000 state, local, federal and tribal agencies using over 81,000 subscriber units. DTR has become the primary method for mission critical public safety communications across the state.

EcoSystem EcoSystem is OIT’s suite of interconnected systems and databases across the state that deliver business services through workflow automation, reporting mechanisms and processes. The EcoSystem will enable a consistent customer experience across enterprise service offerings through an improved customer-facing web portal.


Enterprise Wireless The Enterprise Wireless project will make secure wireless Internet accessible to all OIT customers. Implementing wireless Internet accessibility responds to the needs of our customers for a basic and expected business service. This project was an OIT FY16 Decision Item that is billed back to the agencies based on FTE.

FirstNet FirstNet is a federal effort to create a dedicated nationwide public safety broadband network.

FTI Federal Tax Information, which the state is responsible for protecting.


13

Glossary & Acronyms




ITAM ITAM is IT Asset Management, which is intended to record and track detailed hardware and software inventory information.

Offender Management System

Electronic offender management system with integrated Electronic Health Records, Parole and Community Services that is fully integrated with all necessary operation, financial modules, and systems.

PII Personally Identifiable Information, which the state is the responsible for protecting.



Radiant Logic RadiantOne VDS

VDS is Virtual Directory Abstraction Layer.



SmartNet Coverage

SmartNet Coverage is a network server for UCS hosts at eFORT.

Unfunded Unfunded items are considered essential to the business but are currently lacking defined funding and do not have an approved Decision Item.

Glossary & Acronyms

DTRS Glossary

DTB Arkansas St, purchase from CDOT

CDOT has announced plans to sell its HQ property at 4201 E Arkansas for development. This location hosts the Denver Transmitter Building, which is the central hub for the DTRS. The facility contains a tower supporting multiple microwave paths, fiber connections, and the DTRS Master Zone controller (primary controller for the entire statewide DTRS). OIT must purchase a parcel of the property to ensure uninterrupted service to public safety agencies statewide.

DTRS System version upgrade

HB 14-1203 defines additional funding for scheduled DTRS software upgrades. Funding for the system-wide software refreshes begins in FY17 and ends in FY25.

Greeley CDOT Tower relocation

CDOT is selling their property in Greeley and relocating to a new facility west of Greeley. OIT must purchase a parcel of the existing property for relocation and replacement of the DTRS tower and related transmitters, microwaves, fiber hub, and maintenance shop.

GTR Transmitter replacement

HB 14-1203 began funding phased replacement of legacy transmitters at DTRS tower locations. Funding has been allocated for this project through FY25. Project is ongoing.

Microwave system replacement

The Microwave System Replacement is a 5-year phased replacement of the states aged microwave system which provides network connectivity for all the DTRS towers. Existing microwave equipment has surpassed its end of useful life by at least a decade and is no longer supported.

Propane tank replacement

Propane tank replacement is the replacement of antiquated propane tanks at DTRS tower sites. The propane tanks are the source of fuel for the backup power generators that sustain the public safety radio system in the event of a utility electric service interruption.

Pueblo Shop relocation - CDOT

CDOT has announced plans to sell its property located at 902 Erie in Pueblo. This location hosts a DTRS tower supporting multiple microwave paths, fiber hub, and DTRS transmitters. OIT must purchase a parcel of the CDOT property to ensure uninterrupted service to public safety agencies.

Replace M/W towers Phase 2/3

M/W tower replacement is an ongoing phased and scheduled replacement of DTRS aged and antiquated towers, some of them currently more than 40 years old.

Tower site Rectifier Replacement Phases 1-2

The Tower Site Rectifier replacement is the phased replacement of antiquated rectifiers (electrical device that converts alternating current (AC) to direct current (DC) at DTRS tower sites.

Appendix A


usi

nes

s A

pp

s

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols




Backup Colorado

Enterprise Wireless



24 x 7 Service Desk




CORE

HRIS






Single Sign-On



Endpoint Encryption

16


Appendix B



Below is an itemized summary of the estimated unfunded components of OIT’s technology outlook.


Tower site Rectifier Replacement Phase 2/2 - $568,837 - - -

DTB Arkansas St, purchase from CDOT

- $2.75M - - -

Pueblo Shop relocation - CDOT

- - $1M - -

Montrose CSP/equipment room construction

- - $180,000 - -

DHSEM CC request, 8 new DTRS sites per year

- $12.5M $12.5M $12.5M $12.5M

DHSEM CC request, Zone Controller addition

- - $3.5M - -

MS OS and Office License upgrades

- $142,600 $142,600 $142,600 $142,600

Buildout of Enterprise IP Video Services

- $150,000 $50,000 $50,000 $50,000

Total Unfunded Infrastructure $0 $16,111,437 $17,372,600 $12,692,600 $12,692,600

17

Appendix B




18



- $30,777 $30,777 -1 -1


Enterprise Tools - $0 $2,813 -1 -1


$0 $68,815 $71,405 $0 $0

Total Unfunded Items $0 $17,502,369 $18,376,182 $13,624,717 $13,319,717

Unfunded Applications

APMS - $95,000

Automic - $87,117 $87,117 $87,117 $87,117

Agile rollout - $45,000 $45,000 $45,000 $45,000

Application Release Management - $90,000

HP Functional Test Automation - $700,000 $400,000 $400,000 $400,000

MyColorado - $400,000 $400,000 $400,000 -

Total Unfunded Infrastructure

$0 $1,322,117 $932,117 $932,117 $627,117

Office of Information Technology



Department of Agriculture


Roadmap Goals Assumptions Aligning Technology with Business Objectives Business Objectives Top Three Initiatives IT Roadmap Overview Financial Overview Glossary Appendix A: Statewide Initiative Roadmap Appendix B: Unfunded Event Breakdown

Table of Contents

2


Roadmap Goals


and refresh





selection



provided by vendors




and desktop groups




horizon


3



• Major agency project decisions may alter this plan (e.g. equipment and infrastructure refreshes).




• Enterprise or support agreement currently not in place for Microsoft; therefore, cost is incurred for upgrades and support of infrastructure and end user equipment.

• AgLicense project continues with funding.

• Building consolidation continues.

• A new State Fair solution would be accessed via MyColorado portal.


• Certain projects and initiatives that are dependent upon the approval and/or completion of preceding initiatives.

Assumptions

4


CDA is comprised of eight divisions: the Commissioner's Office, Animal Health, Brands, Colorado State Fair, Conservation Services, Inspection and Consumer Services, Markets, and Plant Industry. A primary focus of the Department of Agriculture is moving from paper/manual processes to digital to increase efficiency and focus on value added service.



service



applications





5

Technology lifecycles are much shorter than the CDA business cycle; therefore, planning technology changes to fit CDA’s business initiatives is one way to help improve business.

The mission of CDA is to strengthen and advance Colorado agriculture; promote a safe, high quality, and sustainable food supply; and protect consumers, the environment, and natural resources. This page highlights the overarching objectives that CDA identified in their annual performance plan that will have the biggest impact in achieving their mission.

Business Objectives

#1-Implement AgLicense system

#2 -Office Consolidation

Moving licensing of CDA customers from a manual/paper process to a digital electronic solution will increase speed and convenience while helping the department to operate more efficiently. A second benefit will allow CDA to reduce its inventory of legacy applications as they migrate to this new platform. This will result in reducing technology debt.

Phase I of the department’s office consolidation was completed. Planning is ongoing for Phase II which will locate the Inspection and Consumer Services Division and its biochemistry and metrology laboratories, as well as the Animal Health Division’s Rocky Mountain Region Animal Health Laboratory (RMRAHL) to the department’s new location in Broomfield.

#3-Public Outreach

Communicate information about Colorado agriculture and department programs to the public and media. Employ use of multiple platforms including social media to share and educate the public on agriculture in Colorado. Consider public access systems via MyColorado portal.

6

Legislation has passed that implements hemp testing with the established marijuana labs in the closed circle set up within the Department of Revenue. The department will interface with the METRC system to provide test results to growers and it will store results at CDA.

Enabling our customers to apply or renew and pay for their licenses, registrations, and inspections through an online application intended to improve operational efficiencies and enhance customer service. Implementation of the AgLicense project proceeded according to schedule in FY15 with nine programs utilizing the portal. The percentage of customers utilizing the system in FY15 exceeded expectations by a wide margin with businesses and individuals processing their renewals online.

Top IT Initiatives

Below are a few high priority CDA technical initiatives that are being undertaken over the next five years. Timelines for these initiatives are represented on the IT Roadmap Overview.

AgLicense

Hemp Legislation

7

Phase I of the department’s office consolidation was completed. Planning is ongoing for Phase II which will locate the Inspection and Consumer Services Division and its biochemistry and metrology laboratories, as well as the Animal Health Division’s Rocky Mountain Region Animal Health Laboratory (RMRAHL) to the department’s new location in Broomfield.

Complete Office Consolidation

IT Roadmap Overview


* Enterprise event/initiative; see Appendix A: Statewide Initiative Roadmap 1 Unfunded: see Appendix B: Unfunded Event Breakdown for details 2 OIT initiative that still needs to be planned with the agency 3 Partially Funded

Init

iati

ves

Bu

sin

ess

Ap

ps

Tec

hn

olo

gy

Ev

ents

To

ols

Bu

sin

ess

Init

iati

ves


CDA Office Consolidation3

eCerts Project Implementation3

SalesForce1

Application Rationalization


Ag License Project: Renewals, inspections, enforcement


8

Network/Database Monitoring (SolarWinds)*1

Evaluate new credit card solution for State Fair

Division

Implement Salesforce Solutions3

Implement mobile apps on state cloud

Increase bandwidth at Insectory1

Hemp Legislation

Enterprise State Fair Software via MyColorado1

IT Roadmap Overview



Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

Service Desk 24x7


Windows 2003 migrate to 2012*

Single Sign On*



Backup Colorado Phase II*1




9

Infrastructure Refresh*1

Desktop Refresh @ 25%1

Financial Overview


Tools $12,191 $4,838 $4,938 $5,038 $5,138

Business Applications $17,000 $17,000 $517,000 $42,000 $42,000

Infrastructure Services $80,239 $63,288 - - -

OIT Pending FY17 Decision Items - $20,620 $20,553 - -

Total Unfunded Tools* $109,4301 $105,746 $542,491 $47,038 $47,138



Below is a summary of the estimated unfunded components of CDA’s technology roadmap. Detailed breakdown can be found in Appendix B.


10

CDA’s Unfunded Technology Outlook

* For context, CDA’s FY14 total IT spend was $2,115,588. 1No supplementals have been requested; this total represents the technology debt that CDA is acquiring in FY16.

Glossary & Acronyms


Two-factor authentication adds a second level of authentication to an account log-in. The second level may be something you know (like a PIN), something you have (like an ATM card), or something you are (like a fingerprint). By choosing two different channels of authentication, you can protect user logins from remote attacks that may exploit stolen credentials.



Secure Colorado is OIT’s statewide strategic security plan. Beginning in FY17, OIT has requested $1 million every year ongoing to improve security incident preparedness and intelligence with the use of a visualization tool and two FTE. This would heighten OIT’s ability to detect and respond to a breach.




Backup Colorado Phase II will identify and implement a single backup and recovery solution for all critical applications supported by OIT. This project was an OIT FY16 Decision Item that is billed back to the agencies based on CSN circuits, and servers being hosted and housed by OIT.

Common Policy Most of OIT’s services and functions are covered via Common Policy for a specific length of time. Common Policy bases services on customers, costs, and usage estimates at the start of a fiscal year. The actual usage and amount due are calculated during the fiscal year. Initiatives that are funded through Common Policy do not include agency level enhancements, support or maintenance after re-appropriated funds are depleted.

Decision Item DI: A proposal for change(s), which usually includes a request for funding.


11

Glossary & Acronyms

Enterprise Wireless

The Enterprise Wireless project will make secure wireless Internet accessible to all OIT customers. Implementing wireless Internet accessibility responds to the needs of our customers for a basic and expected business service. This project was an OIT FY16 Decision Item that is billed back to the agencies based on FTE.

FBI Federal Bureau of Investigation, the body which asserts that the state is responsible for maintaining confidentiality of criminal justice information services.



HIPAA Health Insurance Portability & Accountability Act of 1996; which requires the state to protect patients’ medical and personal information.





Network/Database Monitoring Tool Implementation (SolarWinds)




Unfunded Unfunded items are considered essential to the business but are currently lacking defined funding and do not have an approved Decision Item .

Appendix A


usi

nes

s A

pp

s

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols




Backup Colorado

Enterprise Wireless



24 x 7 Service Desk




CORE

HRIS






Single Sign-On



Endpoint Encryption

13


Appendix B Unfunded Event Breakdown


Below is an itemized summary of the estimated unfunded components of CDA’s technology outlook.


R1:Infrastructure Refresh $31,972 $28,812 - - -

R2:Systems Infrastructure Staff $6,165 $6,402 - - -

R3:Active Directory Consolidation $4,696 $3,703 - - -

R4:Enterprise Wireless $4,034 $968 - - -

Backup Colorado Phase II $30,322 $23,403 - - -

R:Data Governance/Analytics $3,050 - - - -

Total Unfunded Infrastructure $80,239 $63,288 $0 $0 $0

14


State Fair Enterprise solution - - $500,000 $25,000 $25,000

Salesforce solutions $17,000 $17,000 $17,000 $17,000 $17,000

Total Unfunded Applications $17,000 $17,000 $517,000 $42,000 $42,000


Unfunded Tools

Dell IDM $12,191 $2,438 $2,438 $2,438 $2,438

SolarWinds network monitoring - $2,400 $2,500 $2,600 $2,700

Total Unfunded Tools $12,191 $4,838 $4,938 $5,038 $5,138



- $9,222 $9,222 -1 -1

Identity Management (Secure Colorado Part B) - $11,398 $11,331 -1 -1


$0 $20,620 $20,553 $0 $0




15

Department of Agriculture



Department of Corrections



Table of Contents

2


Roadmap Goals


and refresh





selection



provided by vendors




and desktop groups




horizon


3





• Cost estimates are based on initial quote/vendor information and/or past initiatives are subject to change.


• Enterprise or Support Agreements are in place for Oracle, RedHat/Linux, CommVault and VMWare; therefore, additional cost will not be incurred for upgrades and support for the life of the contract.

• Enterprise or Support Agreement currently not in place for Microsoft; therefore, cost is incurred for upgrades and support of infrastructure and end-user equipment.

• Digital Trunked Radio (DTR) 7-year refresh plan is in place for existing DOC DTR’s. Additional DTR radios are not covered under that refresh.

• DOC does not currently have a refresh plan for desktop computers, printers and/or peripherals.


Assumptions

4




service



applications





5

Technology lifecycles are much shorter than the DOC business cycle; therefore, planning technology changes to fit DOC’s business initiatives is one way to help improve business.

The Department of Corrections (DOC) mission of protecting the citizens of Colorado by holding offenders accountable and engaging them in opportunities to make positive behavioral changes and become law-abiding productive citizens remains consistent. The DOC anticipates that over the next five years, the following Information Technology initiatives will have the greatest impact on effectively delivering on its mission.

Business Objectives

#1- Enhanced Use of Technology

#2- Reduce Technical Parole Violators (from 32% to 25% by 6/30/16)

The Colorado Board of Parole will engage, utilize and embrace technological advances designed to make work more effective, efficient, and productive. The Colorado Board of Parole has traditionally utilized a system of operation that was greatly dependent upon handwritten hard copies. We are transforming as many operational activities as possible from this paper-based platform to a paperless, electronic solution. OIT has automated several manual processes such as application and revocation hearings. Phase III of the DeCORuM project will further automate Parole Board processes.

Use proactive approach case management and intervention skills which focus on successful outcomes for technical parole violators (TPV).

6

•Increase use of intermediate sanctions: actions taken to address non-compliant behavior without a formal disciplinary hearing •Implement a parolee positive reinforcement program in conjunction with the Colorado Violation Decision Making Process •Colorado Web-Based Integrated Support Environment (CWISE) will be programmed to count each positive interaction and/or incentive awarded •Implement an in-jail Vivitrol (prescription medication) program to treat addiction •DeCORuM project to deliver a full-life cycle offender and parolee management system that begins at intake through release from custody •Complete system integration will provide for more complete data in support of better analysis and decision making

Business Objectives

#4- Reduce Parolee Intensive Supervision Program (ISP) Failures (from 22% to 19.5% by June 30, 2016)

#5- Staff Development & Efficiencies

Improve public safety and reentry outcomes using case management and linking incentives with intermediate sanctions.

DOC will maintain proficiency and remain current on changes in parole laws and developments, initiate an aggressive and innovative training program in accordance with SB11-241.

7

#3- Expand Number of Intensive Residential Treatment Beds (from 125 to 250 beds over 2 fiscal years)

Provide intensive residential substance abuse treatment.

• Senate Bill 15-124 will appropriate 48 IRT beds • Collaborate with the Division of Criminal Justice for proposal of additional 48 IRT beds • Explore alternatives with different organizations (e.g, non-profits, community-based organizations) • DeCORuM to make Offender and Parolee management systems more readily accessible to community-based partners

• Implement parolee positive reinforcement program in conjunction with the CVDMP • Develop and implement policy to provide guidelines • CWISE will be programmed to count each positive interaction and/or incentive awarded and to prompt CPOs to award incentives • CWISE will be updated to capture necessary data • Risk will be linked to the appropriate supervision and contact level based on “Dosage” • Program will provide parolees a pathway to earn early transition • DeCORuM to build on the computer automation currently in C-WISE

• Monitor training requirements for existing and new board members and implement skill-based training *Reduce disparity between members release decisions • Utilize performance data to measure the success / failure of the overall decision making process • Improve timely analysis of data to measure performance and address deficiencies • Parole board data analyst will identify relevant metrics for routine monitoring of offender / parolee success rates, and identify relevant metrics where data availability must be developed • DeCORuM to provide the performance data and tools to analyze decision-making

This replaces several antiquated legacy computer systems with a single modern web-based system. DeCORuM will support the management of Offenders from intake into the department through community corrections and discharge. It will streamline processes and support enhanced data analysis and reporting. While it supports standard correctional service processes, it will include new technologies that will enhance offender management.

The Department of Corrections Offender Records Management (DeCORuM) system will replace the DOC’s antiquated legacy systems with a state of the art corrections-centric Electronic Health Record (EHR) system. This system will automate much of what is currently a paper process. Enhanced continuity of care can be expected as health records can be made available to community healthcare partners and private providers as well.

Top IT Initiatives

Below are a few of the most high priority DOC technical initiatives that are being undertaken over the next five years. Timelines for these initiatives are represented on the IT Roadmap Overview. DeCORuM Phase I: Electronic Health Records

DeCORuM Phase II: Offender Management

8

DeCORuM will eliminate the disparate systems and data that currently exists in favor of a single, web-based and mobile-enabled system with a single integrated data repository. It will support the entire lifecycle of Offender and Parolee Management as well as health-care services with a goal of assisting the department in reducing recidivism. The new system will allow for greater automation of Parole Board processes.

DeCORuM Phase III: Parolee Management & Parole Board Automation


* Enterprise event/initiative; see Appendix A: Statewide Initiative Roadmap 1 Unfunded: see Appendix B: Unfunded Event Breakdown for details 2 OIT initiative that still needs to be planned with the agency 3 FY 17-18 Capital Construction Project

Init

iati

ves

Bu

sin

ess

Ap

ps

T

oo

ls

Bu

sin

ess

Init

iati

ves


Offender Management System (DeCORuM Phase II)

Kronos

KRONOS Timekeeping

MyColorado Stragic Planning*2

CVDMP Positive Reinforcement Program Qty of auto-generated prompts (FY16:

112,500; FY17: 306,250; FY18: 500,000)


9

Asset Discovery, Endpoint Mgmt

(SCCM)*

Tec

hn

olo

gy

Ev

ents

Electronic Health Records (DeCORuM Phase I)

Automated (TeleStaff) Scheduling

Parole Complaint Automation

Parolee Management System (DeCORuM Phase III)3

Network/Database Monitoring Tool Implementation (SolarWinds)*

Wireless Monitoring (I.S.E)*


* Enterprise event/initiative; see Appendix A: Statewide Initiative Roadmap 1 Unfunded: see Appendix B: Unfunded Event Breakdown for details

Infr

astr

uct

ure

Ser

vic

es

Single Sign On*

Application Xtender / WebXtender (DOC document scanning, storage and access)

WYSE Virtualization (Offender Labs)

Backup Colorado*

2 Factor Authentication*



10

Tec

hn

olo

gy

Ev

ents


Microsoft Office Refresh

DTR Radio Refresh

Barracuda Upgrade (Offender Network)

V-Block Hardware (DeCORuM)

MIPC Phone System for new Headquarters

Data Center Relocation

Legacy Telephony / Avaya

10Gb Circuit between DOC HQ & eForte data center for System Redundancy

Cisco Network Refresh (6-year cycle)

Colorado State Network - CenturyLink

Voice Circuits - CenturyLink

Desktop & Laptop Computer Refresh (4,000 Staff + 2,000 Offender)

Financial Overview


Tools - - - - -

Applications - $10,469,9601 - -

Infrastructure Services $194,526 $1,390,225 $1,379,960 $1,392,460 $1,405,960

OIT Pending FY17 Decision Items

$0 $458,838 $492,735 TBD TBD

Total Unfunded2 $194,5263 $1,849,063 $12,352,920 $1,392,460 $1,405,960

● Technology debt and long-term cost ● Outdated technology ● Business goal impact ● Reactive issue resolution ● Maintenance ● Security vulnerabilities

● The major portion of DOC's unfunded technology is DeCORuM Phase III. Phase III is the final phase that will move the DOC to a single-integrated system. Failure to complete Phase III will leave the agency with multiple, loosely-connected systems, thereby, making data analysis and reporting difficult at best.

Below is a summary or the estimated unfunded components of DOC’s technology roadmap. Detailed breakdown can be found in Appendix B.


11

DOC’s Unfunded Technology Outlook

1 Capital construction request for DeCORuM, Phase III 2For context, DOC’s FY14 total IT spend was $20,224,714 3 No supplementals have been requested; this total represents the technology debt that DOC is acquiring in FY16

Glossary & Acronyms

12

2-Factor Authentication Two-factor authentication adds a second level of authentication to an account log-in. The second level may be something you know (like a PIN), something you have (like an ATM card), or something you are (like a fingerprint). By choosing two different channels of authentication, you can protect user logins from remote attacks that may exploit stolen credentials.

Active Directory (AD) This Identity Management solution will help streamline management of identity for creation, modification or deletion. Dell One Identity Manager has been selected as the solution of choice and is in the early project stages. This project was an OIT FY16 decision item that is billed back to the agencies based on server inventory.



Appcys Adult Parole, community, youthful offender services agency-specific, custom application.



Backup Colorado Phase II Backup Colorado Phase II will identify and implement a single backup and recovery solution for all critical applications supported by OIT. This project was an OIT FY16 decision item that is billed back to the agencies based on CSN circuits and servers being hosted and housed by OIT.

Barracuda Upgrade The Barracuda is a firewall appliance in place to control and deliver inmate requests to and from the internet. The device allows for content delivery without Internet Access.

Cisco Network Refresh The department’s network switches will be replaced on a 6-year-cycle.

Colorado State Network - CenturyLink

This provides data network connectivity for all of the department’s locations.

Glossary & Acronyms

13


CPO CPO is Community Parole Officers.

CVDMP Colorado Violation Decision Making Process is the positive reinforcement program.

CWISE CWISE is the Colorado Web-Based Integrated Support Environment.

DCJ DCJ is the Division of Criminal Justice.

DeCORuM The Department of Corrections Offender Records Management (DeCORuM) system will replace the DOC’s antiquated legacy systems with a state of the art web-based and mobile enabled Offender & Parolee Management System with integrated Electronic Health Records (EHR).

Decision Item (DI) A DI is proposal for change(s), which usually includes a request for funding.

Dosage Dosage is a measurement unit that reflects the number of contacts between a CPO and offender based on offender risk. The higher the risk will result in a higher number of contacts between the CPO and offender.

DTR Radio Refresh The department’s Digital Trunked Radios will be replaced on a 7-year-cycle.



Glossary & Acronyms

Federal Tax Information (FTI) The State is responsible for protecting Federal Tax Information.


Health Insurance Portability & Accountability Act (HIPAA)

Health Insurance Portability & Accountability Act of 1996; which requires the state to protect patients’ medical information.

Human Resources Information System (HRIS)

HRIS is a project that is well underway. This System will provide the State of Colorado agencies a central local and consistent approach for common HR processes and create a single source of truth that can be accessed by HR state employees with the proper credentials.



Infrastructure Refresh Infrastructure Refresh is an ongoing effort to institute an IT Network, Systems Infrastructure, and Voice Services refresh programs. This project was an OIT FY16 decision item that is billed back to the agencies based on FTE and server count.

IRT IRT is an Intensive Residential Treatment.

ISP ISP is the parolee Intensive Supervision Program.

IT Asset Management (ITAM) ITAM records and tracks detailed hardware and software inventory information.

KRONOS TimeKeeping KRONOS is a cloud-based timekeeping system that will replace DOC’s paper-based and legacy timekeeping procedures and system.



Glossary & Acronyms O-RILE O-RILE is offender release of information for law enforcement. This is an agency-

specific, custom application that will be replaced with DeCORuM.

Parole Complaint Automation

Parole Complaint Automation will Integrate data from Colorado Violation Decision Making Process (CVDMP) in CWISE with Parole Complaint System in DCIS. This will include a two-way data transfer between CDOC and Protocol (CWISE vendor) for the purpose of streamlining the parole complaint/revocation process.

Personally Identifiable Information (PII)

The State is the responsible for protecting PII.


VDS is the Virtual Directory Abstraction Layer.

Remote Access (eVPN) Enterprise Virtual Private Network is a statewide, central remote access solution that provides enhanced security, standardization, and maintenance efficiency.

Secure Colorado Secure Colorado is OIT’s statewide strategic security plan. In FY17, OIT submitted a funding request to implement tools for improved security event detection/response and Identity Management. These tools would heighten OIT’s ability to respond to a security breach, reduce security-related audit findings, and expedite the new employee system provisioning process.


Salesforce The Colorado Salesforce Program is a program team under the Colorado Governor’s Office of Information Technology’s (OIT) Enterprise Applications. The solution was to consolidate governance, processes and standards of all Salesforce-related services into one program, while leveraging our agency customer’s input, experience and feedback on what they wanted from their IT provider. The result has been a “grassroots” approach, building the entire program from the ground-up, and bridging the gap between OIT functional groups, executive-level agencies, and government organizations spanning the entire state of Colorado.

SmartNet Coverage SmartNet Coverage is a network server for UCS hosts at E-Fort.

Systems Center Configuration Manager (SCCM)

The Systems Center Configuration Manager (SCCM) allows administrators to manage large groups of Windows-based computer systems. SCCM helps deskside administrators to provide their users with operating systems, applications, and updates virtually. Currently there are implementation efforts moving across 7 agencies. At DOC, this was implemented to replace Novell Zenworks for asset management, patch management and software deployment. Yearly cost will be offset by savings from Novell and AMP retirement.

TPV TPV is Technical Parole Violators.


Voice Circuits - CenturyLink

CenturyLink voice circuits provide voice services to all of the department’s locations.

WYSE Virtualization This is a WYSE virtual environment used in the offender labs.

Appendix A


usi

nes

s A

pp

s

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols




Backup Colorado

Enterprise Wireless



24 x 7 Service Desk




CORE

HRIS






Single Sign-On



Endpoint Encryption

16


Appendix B



Below is an itemized summary of the estimated unfunded components of DOC’s technology outlook.


Microsoft Office Refresh $175,960 $175,960 $175,960 $175,960 $175,960

Desktop/Laptop Staff Refresh1 - $778,000 $786,000 $794,000 $803,000

Desktop/Laptop Offender Refresh - $414,000 $418,000 $422,500 $427,000

Leased Space Adjustment $18,566 $22,265 - - -


$194,526 $1,390,225 $1,379,960 $1,392,460 $1,405,960

17


DeCORuM Phase III - - $10,469,960 - -

Total Unfunded Tools $0 $0 $10,469,960 $0 $0

1Typically funded in an ad-hoc manner as facilities deem necessary. To ensure a more consistent and timely refresh, we would like to see the refresh formalized. The DTR refresh is an example of a formalized refresh plan in which the department can plan for refresh intervals with established and known recurring costs.

Notes & Assumptions

• Estimates based on initial quote/vendor information and/or past initiatives, and subject to change. • No Enterprise Agreement currently in place for Microsoft; therefore cost is incurred for upgrades and support.

Appendix B



1Decision Item cost allocation is absorbed into Common Policy after the first two years; Once absorbed into Common Policy, different and pending rates may apply.

Notes & Assumptions

• Estimates based on initial quote/vendor information and/or past initiatives, and subject to change. • No Enterprise Agreement currently in place for Microsoft; therefore cost is incurred for upgrades and support:

18



- $13,399 $13,399 TBD1 TBD1

Identity Management (Secure CO Part B) - $16,560 $16,463 TBD1 TBD1

Enterprise Tools (End-User Config/SCCM) - $0 $35,384 TBD1 TBD1

Total Unfunded (Pending) Decision Items $0 $458,838 $492,735 TBD TBD

Total Unfunded Items $194,526 $12,319,023 $1,872,695 $1,392,460 $1,405,960

• Infrastructure - assume pursuing option to fund Microsoft upgrades and support over a recurring 3-year term rather than front-end buy; ensure licensing compliance • End user equipment - assume current funding sources for upgrades and refreshes are sufficient whether using the current OEM model or the Microsoft services model

Department of Corrections



Health Care Policy and Financing



Table of Contents

2


Roadmap Goals


and refresh





selection



provided by vendors




and desktop groups




horizon


3





• Model of outsourcing the majority of business applications will continue.



• Enterprise or Support Agreement currently not in place for Microsoft; therefore, cost is incurred for upgrades and support of infrastructure and end-user equipment.

• BUS, DDD Web and CMAP will all be integrated into the new VITAL application and support will no longer be needed after 2016.

• Assume successful rollout and implementation of all COMMIT related projects.

• PC replacement schedule of 3 years per device at an average of $1155 per unit.


Assumptions

4


The Department of Health Care Policy and Financing has placed significant focus around establishing Integrated Delivery Systems for customers. This includes full integration of medical, behavioral and dental services for members and adopting technology that facilitates shared access to patient information among providers. One of the major business initiatives underway at present is the Colorado Medicaid Management Innovation and Transformation (COMMIT). This project is a multi-year effort focused on the procurement, implementation, operations, and maintenance of a modern Medicaid Management Information System (MMIS).



service ● Reducing cost of service

○ Leverage best practices and standards to deliver consistent and cost effective solutions

○ Introduce new technologies to reduce ongoing support cost ○ Utilize enterprise solutions to reduce cost associated with redundant licensing and

applications ● Minimizing downtime or disruption for maintenance or upgrades

○ Unify technology changes and maintenance ○ Coordinate deployments, moves and changes

● Driving technology-related statutory responsibility and institutional mandates ○ Secure state data and assets ○ Implement data management governance


5

HCPF’s mission is to improve health care access and outcomes for the people we serve while demonstrating sound stewardship of financial services. This means that we work to make our members healthier while getting the most for every dollar that is spent.

Business Objectives

#1- COMMIT Project

#2- Customer Call Center IVR Vendor Transition

6

● In 2013, HCPF selected HP to design, develop, test and implement a new MMIS, now

known as the Colorado Interchange. This modernized provider enrollment tool will include updated processes for provider enrollment and reenrollment.

● OIT supports this effort through effective security scans of new systems, coordination for network support, and application mapping and support for legacy systems.

● OIT supports this effort by providing data management best practices and offering guidance, when applicable, in the architectural design of and implementation of the end solutions.

● Increase of Meaningful Use of EHRs among Medicaid providers ● Increase of Meaningful Use of EHRs for hospitals ● Increase of registration in Meaningful Use EHRs ● Increase of professionals demonstrating the Meaningful Use of EHRs

● Medicaid Management Information System (MMIS) is the hardware, software, and business

process workflows designed to meeting the criteria for a “mechanized claim processing and information retrieval system” required by federal law to participate in the Medicaid program.

Business Objectives

#3- SharePoint Management

7

● HCPF’s SharePoint Management includes improved collaboration and communication as

well as internal web sites for file sharing, team project collaboration, blogs, wikis and other organization information and announcements.

● The web-based functionality promotes a flexible alternative work environment, job sharing, and working from alternate office capability.

● HCPF uses Power Users who possess elevated permissions in SharePoint who receive additional training and work to logically migrate and organize data storage and locations.

● Through a collaborative idea sharing environment, HCPF seeks to improve performance of staff by visibly aligning projects with strategic goals and improve communication.

● OIT supports this initiative through tracking and management of service requests through the enterprise Service Desk Manager as well as providing some application support for SharePoint.

The BIDM is the data analytics portion of the project. It will include Business Intelligence and Analytics Services, Reporting, Accountable Care Collaborative program Analytics Supports Services, Business Intelligence and Data Management Services, and BIDM System Support and Operations and Training. Planned Timeframe: May 15-Nov 16 Contract Stage, Nov 16-June 2024 Ongoing Ops and Maintenance

As the first phase of the overall COMMIT project, interChange is focused on the core MMIS and Supporting Services. These include: Fiscal Agent Operations Services, Medicaid Web Portal, Online Provider Enrollment, Case Management, Electronic Data Interchange (EDI), Provider Call Center with Customer Relationship Management (CRM) Software, Help Desk (IVR) Software, general IT functionality and business operations, and general functionality of other systems, services and contracts that current exist or will interface with future MMIS. Planned Timeframe: March 14-Nov 16 Implementation, Nov 16-June 2024 Ongoing Operations

Top IT Initiatives

Below are a few high priority HCPF technical initiatives that are being undertaken over the next five years. Timelines for these initiatives are represented on the IT Roadmap Overview.

interChange Project

Business Intelligence and Data Management Services (BIDM)

8

PBMS is the final portion of the overall project and includes updates on the Post of Sales, Pharmacy Call Center Services, Pharmacy Benefit Management System Support and Operations, Prospective Drug Utilization Review, Prior Authorizations, Drug Rebate Administrative Management System, Maintenance of the Preferred Drug List and Pharmacy Reference File and Supplemental Drug Rebate Program. Planned Timeframe: Dec 15-Nov 16 PBMS Implementation, Nov 16-June 2024 Ongoing Operations and Maintenance

Pharmacy Benefits Management System (PBMS)



Init

iati

ves

Bu

sin

ess

Ap

ps

Bu

sin

ess

Init

iati

ves

Developmental Disabilities Web

Upgrade

Business Cont. CCLan upgrade to connect 303 Grant to CCLan fiber ring1

Claims Management- Integration with MMIS1

Business Intelligence Data Management

Call Center Relocation

Project

Customer Call Center Application (SF)

Office 365 / Sharepoint / Email/ Google Integration

HCPF Remote Cisco VPN upgrade to

state Enterprise VPN solution

Interchange MMIS Project

HIPAA Security Assessment / Mitigation 1


570 Wireless Project

Pharmacy Ben Management System

1570 Facility infrastructure upgrade

9

Benefits Utilization

System (BUS)

Division of Developmental

Disabilities (DDD Web) T

ech

no

log

y E

ven

ts

Learning Management

System

303 facility build and employee

move 10th Floor

IT Roadmap Overview



Infr

astr

uct

ure

Ser

vic

es


10

Tec

hn

olo

gy

Ev

ents

1570 Wireless & Building Cabling

Back Up Colorado Phase II*

Grants Management*

Cisco Network Refresh 1


Network/Database Monitoring Tool Implementation

(SolarWinds NPM)*1

Infrastructure Refresh 1

Annual Software Renewal

McAfee Security Suite*


Asset Refresh 1

To

ols



Radiant Logic RadiantOne Virtual

Directory VDS*

Financial Overview


Tools - - - - -




- $29,595 $33,135 - -

Total Unfunded* $20,0001 $821,745 $588,913 $519,000 519,000



Below is a summary or the estimated unfunded components of HCPF’s technology roadmap. A detailed breakdown can be found in Appendix B.


11

HCPF’s Unfunded Technology Outlook

•For context, HCPF’s total FY14 IT spend was $6,101,522. 1 No supplementals have been requested; this total represents the technology debt that HCPF is acquiring in FY16

Glossary & Acronyms










Benefits Utilization System (BUS)

The Benefits Utilization System is required by HCPF to administer, track and report benefits utilization.

Business Intel. Data Management

The BIDM is the data analytics portion of the project. It will include Business Intelligence and Analytics Services, Reporting, Accountable Care Collaborative program Analytics Supports Services, Business Intelligence and Data Management Services, and BIDM System Support and Operations and Training.


12

Glossary & Acronyms

Customer Call Center Application (SF)

The Customer Call Center Application supports the department's multi-year goal to provide clients with a seamless, coordinated, and efficient customer service experience to ensure they can navigate the system and obtain the services they need.

Developmental Disabilities Web Upgrade

DDDWeb is the department’s case management system for clients and intellectual and developmental disabilities, must be secure and stable system in order to ensure the privacy of client health information stored in DDDWeb and uninterrupted delivery of medical services that rely on an authorization process via DDDWeb.

Endpoint Encryption

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. The most common form of encryption, called “symmetric key encryption” secures information in the transfer from one party to another; conversely, endpoint encryption secures data at rest. Data is unreadable to an attacker in the event that a device is lost or stolen.

Enterprise Wireless

The Enterprise Wireless project will make secure wireless internet accessible to all OIT customers. Implementing wireless internet accessibility responds to the needs of our customers for a basic and expected business service. This project was an OIT FY16 decision item that is billed back to the agencies based on FTE.



HCPF Remote Cisco VPN upgrade to state Enterprise VPN solution

Decommission existing HCPF user remote access Cisco VPN (virtual private network); OIT enterprise-wide eVPN (see eVPN).

HIPAA Health Insurance Portability & Accountability Act of 1996; which requires the state to protect patients’ medical information.


Glossary & Acronyms




Ongoing to institute an IT Network, Systems Infrastructure, and Voice Services refresh programs. This project was an OIT FY16 decision item that is billed back to the agencies based on FTE and server count.

Interchange MMIS Project

The first phase of the overall COMMIT project, interChange is focused on the core MMIS and Supporting Services. These include: Fiscal Agent Operations Services, Medicaid Web Portal, Online Provider Enrollment, Case Management, Electronic Data Interchange (EDI), Provider Call Center with Customer Relationship Management (CRM) Software, Help Desk (IVR) Software, general IT functionality and business operations, and general functionality of other systems, services and contracts that current exist or will interface with future MMIS.

Learning Management System

The Learning Management System tracks training and registration that the department offers to customers which includes HCPF employees, county employees and contractors, as well as general HCPF staff





Virtual Directory Abstraction Layer.



SmartNet Coverage

Network Server for UCS hosts at eFORT.


Appendix A


usi

nes

s A

pp

s

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols




Backup Colorado

Enterprise Wireless



24 x 7 Service Desk




CORE

HRIS






Single Sign-On



Endpoint Encryption

15


Appendix B



Below is an itemized summary or the estimated unfunded components of HCPF’s technology outlook.


Cisco Network Equipment Refresh - - $33,000 - -

303 CCLan Upgrade to connect 1570 Grant Fiber

Ring - $50,000 - - -

Leased Space Adjustment - $3,150 $3,778 - -

Asset Refresh Schedule and Inventory - $231,000 $231,000 $231,000 $231,000

Network/Database Monitoring Tool Implementation

(SolarWinds NPM)

$20,000 $8,000 $8,000 $8,000 $8,000

HIPAA Security Assessment / Mitigation - $500,000

($250k GF) $280,000

($140k GF) $280,000

($140k GF) $280,000

($140k GF)


16

Appendix B



Below is an itemized summary or the estimated unfunded components of HCPF’s technology outlook.


17



- $13,851 $13,851 -1 -1


Total Unfunded (Pending) Decision Items $0 $29,595 $33,135

$0

$0

Health Care Policy and Financing



History Colorado



Table of Contents

2


Roadmap Goals


and refresh





selection



provided by vendors




and desktop groups




horizon


3







• Enterprise or Support Agreement currently not in place for Microsoft; therefore, cost is incurred for upgrades and support of infrastructure and end user equipment.

• Ute Museum expansion continues.

• OAHP modernization upgrade maintains priority.

• Financial situation of HC stabilizes and IT continues to be funded.



Assumptions

4


History Colorado is a cash-funded agency comprised of four main working groups: Museum Experience, Community Museums, Heritage Services (the Office of Archaeology and Historic Preservation and the State Historical Fund), and Support Services. The organization ensures historic preservation and archaeological compliance, provides grant programs and public programs, and operates eleven museums and historic sites throughout the state.



service



applications





5

Technology lifecycles are much shorter than the History Colorado business cycle; therefore, planning technology changes to fit History Colorado’s business initiatives is one way to help improve business.

The mission of History Colorado is to engage people in our state’s heritage through collecting, preserving, and discovering the past in order to educate and provide perspectives for the future. This page highlights the overarching objectives that DNR identified in their annual performance plan that will have the biggest impact in achieving their mission.

Business Objectives

#1- Expand Outreach Efforts

#2- Build Visitation and Revenue

History Colorado is expanding through multiple channels; online and “brick and mortar.” The new HC website is in design and will offer new services to customers more efficiently. The Ute Museum in Montrose is expanding and upgrading to become a gem in that community with the latest technology. Both initiatives are done with the support and partnership of OIT.

Key revenue drivers for History Colorado are concessions, retail, ticket sales and event rentals. OIT will help these initiatives by providing the technology necessary to make the regional museums an attractive offering for potential rental customers. OIT can assist in POS system analysis and delivery as well as e-commerce through enhanced web presence and developing new ideas not yet considered.

#3- Be an Indispensible Resource for K-12 Schools and Educators

History Colorado develops multidisciplinary programs for many grade levels, providing Colorado students with a firm foundation of Colorado’s history. Additionally, expanding professional development programs and delivery media to serve educators statewide. History Colorado continues to develop and disseminate digital learning environments for multiple grade levels that are accessible across the state.

6

The Office of Archaeology and Historic Preservation (OAHP) is upgrading its legacy application that has been in place for many years. The upgrade is being done by Argus and will bring in much needed functionality that will enable each division to operate with greater efficiency.

History Colorado stores data in multiple places with varying reference protocols. Assistance is needed in moving to cloud storage, understanding data needs and costs, and developing simplified indexing policies. Much of the data is intended to be shared with the general public. Public access to this information is critical to HC’s mission as keeper of state owned public information and as an educational resource.

Top IT Initiatives

Below are a few the highest priority History Colorado technical initiatives that are being undertaken over the next five years. Timelines for these initiatives are represented on the IT Roadmap Overview.

Data Storage, Indexing and Access

OAHP Upgrade

7

History Colorado’s network of historic sites are in need of reliable guest wireless service. One of the major challenges is the current requirement to be on the CSN, which is a non-starter for HC. Implementation and operational cost is prohibitive. Furthermore, it’s not necessary to have an employee wireless solution, but only guest wireless to increase rentals and generate revenue. History Colorado’s Ute Indian Museum in Montrose is doubling in size. The 4000+ square foot expansion will be complete by fall of 2016 and will add event and meeting rental spaces that will be key revenue generators for the agency. This facility is moving forward with the support and participation of the three Ute Indian tribes.

Guest Wireless at all Community Museums and Ute Indian Museum Expansion

IT Roadmap Overview



Init

iati

ves

Bu

s.

Ap

ps

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols

Bu

sin

ess

Init

iati

ves

2-Factor Authentication*


Equipment Refresh @ 25%1,2

HC Website and Data Sharing Protocols3

Ute Museum Expansion

Kronos1

Infrastructure Refresh*1

Guest Wireless at Community Museums1



Grants Management*

OAHP Modernization



8

Asset Discovery, Endpoint Mgmt (SCCM)*1

Network/Database Monitoring (SolarWinds)*1


Single Sign On*

Service Desk 24x7


Financial Overview


Tools - $18,400 $8,425 $0 $0

Business Applications - $150,000 - - -



Total Unfunded* $103,7391 $315,405 $830,822 $175,823 $201,323



Below is a summary of the estimated unfunded components of History Colorado’s technology roadmap. Detailed breakdown can be found in Appendix B.


9

History Colorado’s Unfunded Technology Outlook

* For context, History Colorado’s FY14 total IT spend was $625,660.96 1No supplementals have been requested; this total represents the technology debt that History Colorado is acquiring in FY16.

Glossary & Acronyms











Decision Item DI: A proposal for change(s), which usually includes a request for funding.

10

Glossary & Acronyms

Endpoint Encryption


Enterprise Wireless






Identity Management

(Secure Colorado Part B)



Network/ Database

Monitoring Tool Implementation

(SolarWinds)

SolarwWinds is a system that monitors IT infrastructure such as networks and servers, and can identify performance problems that could affect user access to applications. SolarWinds can automatically respond in various ways, from simply notifying support staff via email or text message, to even initiating actions such as rebooting devices. OIT is currently deploying SolarWinds across all of our supported agencies. The initial deployment will monitor network segments and devices only, and eventually we will configure it to monitor servers and applications.

Glossary & Acronyms Radiant Logic

RadiantOne VDS Virtual Directory Abstraction Layer.


SmartNet Coverage

Network Server for UCS hosts at E-Fort.




Appendix A


usi

nes

s A

pp

s

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols




Backup Colorado

Enterprise Wireless



24 x 7 Service Desk




CORE

HRIS






Single Sign-On



Endpoint Encryption

13


Appendix B



Below is an itemized summary of the estimated unfunded components of History Colorado’s technology outlook.


VMWare $55,000 - - - -

EMC SAN $4,800 - - - -

Enterprise Wireless $1,582 $380 - - -

Infrastructure Refresh $21,701 $20,462 - - -

Systems Infrastructure staff $7,633 $7,926 - - -

Cisco Network Equipment (Routers, Switches, AP's) $7,700 $55,000 $91,300 $500 $24,000

Cisco SmartNet Maintenance $5,323 $5,323 $5,323 $5,323 $5,323

Network Bandwidth at Regional museums - - $156,000 $156,000 $156,000

Remote Site Wireless - $10,000 $12,000 $14,000 $16,000

Digital Security at Regional - - $500,000 - -

Microsoft Windows 10 migration - $5,000 $15,000 - -



Kronos - $150,000 - - -

Total Unfunded Applications $0 $150,000 $0 $0 $0

14

Unfunded Tools

Real-Time Reporting Tool (Xtraction) - $4,955 $4,955 TBD TBD

Database Monitoring Tool (SolarWinds) - $13,445 $3,470 TBD TBD

Total Unfunded Tools $0 $18,400 $8,425 $0 $0


Advanced Security Analytics/ Threat

Discovery (Secure Colorado Part

A)

- $19,193 $19,193 -1 -1

Identity Management (Secure Colorado Part

B) - $23,721 $23,581 -1 -1

Enterprise Tools (Asset Discovery, Endpoint

Management) - - - -1 -1

Total Unfunded (Pending) Decision

Items $0 $42,914 $42,774 $0 $0



1Decision Item cost allocation is absorbed into Common Policy after the first two years; once absorbed into Common Policy, different and pending rates may apply. 15

Appendix B


History Colorado



Department of Human Services



Table of Contents

2


Roadmap Goals


and refresh





selection



provided by vendors

Use technology trends to set direction beyond 18 months



and desktop groups




horizon


3

• This roadmap functions as a living document which will be updated twice per year.

This initial document serves as a baseline; timelines and costs estimates are subject to change.

• CDHS has adopted and embraced OIT’s top three Enterprise Applications services including Google, Salesforce and Perceptive platform technologies. CDHS is leading in the number of applications consolidated into Salesforce and where financially feasible CDHS will continue to support and develop future applications using these three primary application services.

• One of CDHS’s top FY15-16 technology initiatives is the development of mobile and wireless technology to enable their workers. In 2015 CDHS will continue to develop over 1.5 million square feet of wireless facility footprints across the state and is closely aligned with OIT strategically for the implementation of secure wireless standards to achieve their goals.

• CDHS is a strong supporter of the OIT Eliminate Redundant Applications consolidation strategy and continues to decommission legacy Microsoft Access and other legacy applications into the OIT Salesforce application suite. This effort will continue through FY16-17.

• CDHS is strategically aligned with OIT and State HB-12-1288 Project Management requirements, including project governance, intake management and gating methodologies. All project and significant changes to current and future applications follow a sound process for project management.

• CDHS is strategically aligned with OIT in the areas of operating system technology standardization and support. CDHS has established a baseline desktop image across all devices aligning with OIT security, and Deskside Support standards. Over the past year CDHS and OIT have increased service to employees at CDHS by 18% and reduced service requests by nearly one-third.

• CDHS is strategically aligned with OIT virtualization services for Deskside Support and server utilization through the use of V-Block resources. Today CDHS continues to migrate into the V-Block environment.

• Cost estimates are based on initial quote/vendor information and/or past initiatives and are subject to change.

Assumptions

4

• For Decision Items, cost allocation to customer is based on OIT’s current Common

Policy rates.

• CDHS recently upgraded the entire desktop operating system environment through a 2014-15 project appropriation. Maintenance and support for the Microsoft licensing and support investment will remain current until FY18-19.

• CDHS is strategically aligned with the OIT Information Security Office and fully supports and appreciates the Audit and Compliance services at OIT. In addition CDHS has fully adopted McAfee endpoint security services, complies with state and federal CIS hardening standards and is fully invested in meeting HIPAA - HITECH security requirements.

• CDHS is strategically aligned with OIT in the areas of Service Level Commitments (SLC) and Performance Management. CDHS has utilized the FY15-16 SLC for two consecutive years and has incorporated three new areas into the SLC for this year for their CHATS, TRAILS and ACSES applications teams. Over the past year the CDH /OIT SLC has been adopted as the state standard.

• CDHS will continue to work with OIT to identify areas of service improvement to include process review and development, tool identification and if needed supplemental staffing needs to ensure high quality services are provided to CDHS employees and counties.

• CDHS is strategically aligned with OIT’s Access Control for delivering high quality employee onboarding through the ease of enhanced tools (identity and access governance) to automate the onboarding of employees.

• CDHS continues to follow state and federal standards for computing infrastructure and where financially possible, CDHS utilizes network, data center and security standards and leverages each to maximize their investments in IT.

Assumptions

5


The Colorado Department of Human Services (CDHS) collaborates with partners in state and county governments, nonprofits, and others to design and deliver high quality human and health services that improve the safety, independence, and well-being of the people of Colorado. Through the use of current technologies CDHS will create and provide modern health environments and solutions that enable an efficient and empowered workforce and provide greater access to information and services. ● Improving quality and reliability of service


service



applications





6

The mission of CDHS is to collaborate with our partners, to design and deliver high quality human services and health care that improve the safety, independence and well-being of the people of Colorado. This page highlights the overarching objectives that CDHS identified in their annual performance plan that will have the biggest impact in achieving their mission.

Business Objectives

#1- Thrive in Community

#2- Achieve Economic Security Through Meaningful Work

• Implementing state of the art wireless technology in Nursing homes so that residents can communicate easily with family members

• Providing near real time access to electronic health record and educational systems and information

• Implementing state-of-the-art health records services to the clinicians and residents requiring state health services from CDHS

• Improving client/clinician experience through the elimination of redundant data entry

• Mobilizing the workforce to allow for improved access to information and quality data collection

• Reinvesting in modernization of CDHS applications and IT services

#3- Prepare for Educational Success Throughout Their Lives

• Delivering groundbreaking educational computing environments for the residents of youth correctional facilities

• Providing secure student access to educational class resources and automated online educational services within higher education providers and counties

• Providing automated workflow and access control to educators, students and administrative staff to meet state and national educational obligations

• Providing new online educational materials that promote fun learning

7

• Modernizing IT systems for the benefit of clients, families, providers and counties

• Mobilization and empowerment of workforce

• Elimination of duplicate data entry

• Increase provider to client experience through efficient and easy collection of case information

• Securing citizen information

• Implementing modern electronic healthcare record (EHR) systems for client care in CDHS veterans Nursing Homes , Mental Health Institutes, Youth Corrections, and regional centers

• Reduction of case information errors resulting in higher quality of care

• Providing timely access to current case information to all providers when it's needed

• Provide increased security and privacy of case data

Top IT Initiatives

Below are a few high priority CDHS technical initiatives that are being undertaken over the next five years. Timelines for these initiatives are represented on the IT Roadmap Overview.

Electronic Health Care 24/7 Facilities

TRAILS/CHATS/ACSES Modernization

8

• Paper to digital, automation of processes and workflow

• Improve data accuracy and integrity

• Increase efficiencies in agency workforce productivity

• Provide high quality analytics and reporting

EDMS and Interoperability Automation



Init

iati

ves

Bu

sin

ess

Init

iati

ves

9

MHI EHR/WIFI

DYC EHR/WIFI

DYC Desktop Education Initiative

Electronic Document

Management System

(EDMS) Project

Treatment Management System

Data Integration Initiative1

CHATS Modernization Project1

ACSES Passthrough Project1

TRAILS Modernization Project1

CCISS Interoperability Project1

Behavior Health (Cerner) Electronic Health Records Project

SNAP System1

Clearance Automation

Regional Center EHR/WIFI1

MHI Law Enforcement Web Application

CDHS Electronic Document Management System



Bu

sin

ess

Ap

ps

In

fras

tru

ctu

re S

erv

ices

T

oo

ls

Single Sign On*


Windows 10 Migration* Endpoint Encryption*


Bluelance LT Auditor


10

Network/Database Monitoring Tool Implementation (SolarWinds NPM)*




CISCO SmartNet Maintenance

Grants Management*

Windows Server 2003 migrate to 2012*


2 Factor Authentication*1

Service Desk 24x7*


Tec

hn

olo

gy

Ev

ents

Financial Overview


Tools $41,000 $45,000 $47,000 $1,400,000 $50,000

Business Applications $6,462,637 $9,425,162 $8,075,162 $3,202,970 $2,652,970

Infrastructure Services - - - $1,448,000 -

OIT Pending FY17 Decision Items - $365,530 $15,055,601 TBD TBD

Total Unfunded* $6,503,6371 $9,835,692 $23,177,763 $6,050,970 $2,702,970



Below is a summary of the estimated unfunded components of CDHS’s technology roadmap. A detailed breakdown can be found in Appendix B.


11

CDHS’s Unfunded Technology Outlook

*For context, CDHS’s total FY14 IT spend was $75,918,428 1No supplementals have been requested; this total represents the technology debt that CDHS is acquiring in FY16

Glossary & Acronyms



ASCES The Colorado Department of Human Services (CDHS) Office of Economic Security Division of Child Support Services to provide assistance to families to enforce child support orders. ACSES is a federally required application under Title 4 of the Social Security act and must meet Federal security and used compliance requirements








Bluelance LT Auditor Security auditing mandated for HIPAA compliancy

CHATS Automated system used to manage child care subsidies provided to families receiving public assistance through the Colorado Child Care Assistance Program.

12

Glossary & Acronyms


Decision Item A proposal for change(s), which usually includes a request for funding.





FTI Federal Tax Information that the state is responsible for protecting.

HIPAA Health Insurance Portability & Accountability Act of 1996 requires the state to protect patients’ medical and personal information.


13

Glossary & Acronyms


Secure Colorado is OIT’s statewide strategic security plan. OIT has requested $1,235,922 for FY17, $1,228,676 for FY17, to implement an identity management tool across the state that would allow OIT to detect and remove dangerous and costly orphaned accounts and expedite the new employee system provisioning process.

ITAM IT Asset Management. Record and track detailed hardware and software inventory information.








TRAILS Office of Early Childhood provides services for Children, Youth and Families of Colorado supported by the State Automated Child Welfare Information System (SACWIS), also known as TRAILS


Appendix A


usi

nes

s A

pp

s

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols




Backup Colorado

Enterprise Wireless



24 x 7 Service Desk




CORE

HRIS






Single Sign-On



Endpoint Encryption

15


Appendix B



Below is an itemized summary of the estimated unfunded components of CDHS’s technology outlook.

16


TRAILS Modernization (Capitol Construction Fund ) $4,648,707 $4,372,192 $4,372,192 - -

Interoperability (Capitol Construction Fund ) $1,413,930 $2,652,970 $2,652,970 $2,652,970 $2,652,970

Treatment Management System $400,000 $400,000 -

- -

Regional Center EHR System - $1,500,000 $550,000

$550,000 -

Data Integration Initiative - $500,000 $500,000

- -

Total Unfunded Applications $6,462,637 $9,425,162 $8,075,162 $3,202,970 $2,652,970

Appendix B



Below is an itemized summary of the estimated unfunded components of CDHS’s technology outlook.


Windows 10 Migration - - - $1,400,000 -

Windows server 2003 migrate to 2012 $41,000 $45,000 $47,000 $48,000 $50,000

Total Unfunded Infrastructure $41,000 $45,000 $47,000 $1,448,000 $50,000


17



- $13,399 $13,399 -1 -1


Enterprise Tools - - $34,579 -1 -1

CBMS Annual Base Adjustment - - $14,656,676

-1 -1


$0 $365,530 $15,055,601 $0 $0

Total Unfunded Items $6,503,637 $9,835,692 $23,177,763 $6,050,970 $2,702,970

Department of Human Services



Department of Labor and Employment



Table of Contents

2


Roadmap Goals


and refresh





selection



provided by vendors




and desktop groups




horizon


3



• Decisions related to major agency initiatives or projects may alter this plan.

• Infrastructure needs to be maintained for FTI/PII compliance.

• Estimates based on past initiatives and subject to change.

• Four year refresh schedule for endpoint hardware.

• Infrastructure refresh will need funding regardless of physical location.



Assumptions

4


CDLE is made up of the following major divisions: Unemployment Insurance, Employment and Training, Labor Market Information, Labor, Oil and Public Safety, Workers’ Compensation, Government Policy and Public Relations, and Internal Services.



service



applications





5

Technology lifecycles are much shorter than the CDLE business cycle; therefore, planning technology changes to fit CDLE’s business initiatives is one way to help improve business.

CDLE’s mission is to “protect and promote the integrity and vitality of Colorado’s employment environment.” This page highlights the prioritized objectives that CDLE identified in their annual performance plan that will have the biggest impact in achieving their mission.

Business Objectives

#1- Improve Customer Satisfaction by 5% Annually

#2- Improve Employee Survey Results by 5% Annually

CDLE will be creating and implementing an ongoing customer survey, and striving to achieve a 5% increase in customer satisfaction annually by fostering an agency wide culture of service based on values, utilizing customer feedback and strategic initiatives to improve service delivery, and maintaining an effective Continuity of Operations Plan (COOP).

CDLE strives to establish a culture of engagement and accountability that affords employees the opportunity, structure, and tools to thrive and provide an exceptional customer experience. Because employee satisfaction has been shown to increase customer satisfaction, productivity, and performance, CDLE is striving to achieve a 5% increase in employee satisfaction annually. Strategies for reaching this goal include maintaining the Employee Quality and Excellence Plan (EQEP) as a tool, maintaining Covey as the foundation of the Leadership Development Program, continuing work with succession planning, improving the CDLE rewards and recognition program, and encouraging the practice of appropriate change management.

#3- Implement Process Improvement

CDLE will be implementing five key process improvements annually to maximize the value they bring to their customers and stakeholders through their work processes. This will be done by prioritizing, implementing, and reporting on process improvements, utilizing the Process Improvement Forum and Lean.

6

#4- Implement Optimal Technology Solutions

CDLE will be employing a multitude of strategies to implement optimal technology solutions that create an exceptional customer experience, including approaching technology projects with a focus on better serving the customer and actively engaging and partnering with OIT.

The Division of Workers’ Compensation (DOWC) is migrating the current claims system off the 23-year old mainframe computer application and on to a modernized virtual platform based on Java and MS SQL. The implementation and delivery of the next generation DOWC system will require a multi-year, multi-phased effort. Each phase will be fully implemented in the production environment before the next modernization phase begins. The overall project is scheduled to complete June 30, 2017.

The Division of Unemployment Insurance (UI) is modernizing the current benefits and tax system and moving off the mainframe computer application. The modernized solution is intended to provide complex automated solutions for 1,000's of traditional Unemployment Insurance functions, features, and processes that fall into the following areas: 1) Benefits, 2) Taxes/Premiums, 3) Appeals, and 4) Federal/State Unemployment Insurance Interfaces & Reporting.

Top IT Initiatives

Below are a few of the highest priority CDLE technical initiatives that are being undertaken over the next five years. Timelines for these initiatives are represented on the IT Roadmap Overview. Modernize Unemployment Insurance IT Systems

Modernize Workers’ Compensation IT Systems

7

The Division of Oil and Public Safety (OPS) is modernizing their current technology systems. The modernized solution(s) are intended to provide improved performance and sustainability.

Modernize Oil and Public Safety IT Systems


* Enterprise event/initiative; see Appendix A: Statewide Initiative Roadmap **Joint Agency / Enterprise effort 1 Unfunded: see Appendix B (Needs further discussion to determine if funding is available) 2 OIT initiative that still needs to be planned with the agency 3 Solution is in design - dates subject to change 4 In early planning phases - dates subject to change

Init

iati

ves

Bu

sin

ess

Ap

ps

In

fras

tru

ctu

re S

erv

ices

T

oo

ls

Bu

sin

ess

Init

iati

ves

NW Monitoring (SolarWinds)*1


Refresh Perimeter Firewalls**

Server/Storage Refresh Planning**

UI Modernization 3

Asset Discovery, Endpoint &

Server Mgmt**

Workers’ Comp Modernization

Automation of Existing Manual Processes

DVR Infrastructure

Integration


IT Asset Management Initiative



8

OPS Application Modernization 4

Non-Major Application Roadmaps

Database Monitoring*1

Tec

hn

olo

gy

Ev

ents

Modernization of existing Systems

eComp Modernization 4

Non-Major Application Modernizations

Enterprise Wireless*2

Deskside Hardware Refresh (4 yr cycle) / Software Refresh as Needed for Compliance

Server OS Migrations/Updates

Server/Storage Refresh**

Financial Overview


Applications - $0 $3-6M $7-10M -

Tools - $43,784 $23,507 $23,507 $23,507

Infrastructure Services - - - $700,000 -

OIT Pending FY17 Decision Items -

$75,764 $75,519 - -

Total Unfunded* $0 $119,548 $3,099,026- $6,099,026

$7,723,507- $10,723,507

$23,507



Below is a summary or the estimated unfunded components of CDLE’s technology roadmap. A detailed breakdown can be found in Appendix B.


9

CDLE’s Unfunded Technology Outlook

* For context, CDLE’s FY14 total IT spend was $15,313,723

Glossary & Acronyms












10

Glossary & Acronyms

Enterprise Wireless














Appendix A


usi

nes

s A

pp

s

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols




Backup Colorado

Enterprise Wireless



24 x 7 Service Desk




CORE

HRIS






Single Sign-On



Endpoint Encryption

12


Appendix B



Below is an itemized summary or the estimated unfunded components of CDLE’s technology outlook.

1 Equipment Refresh based on 384 devices. 80% Desktop device estimated at $820 and 20% laptop device at $1,031 with 1% increase per year.

13

Unfunded Tools

Real-Time Reporting Tool (Xtraction) - $16,455 $16,455 $16,455 $16,455

Database Monitoring Tool (SolarWinds) - $27,329 $7,052 $7,052 $7,052



OPS Modernization $1-2M

Connecting Colorado Modernization $7-10M

eComp Modernization $1-2M

Non-Major Applications Modernizations $1-2M

Total Unfunded Tools $0 $0 $3-6M $7-10M $0

Appendix B



Below is an itemized summary or the estimated unfunded components of CDLE’s technology outlook.


Server/Storage Refresh - - - $700,000 -

Total Unfunded Infrastructure $0 $0 $0 $700,000 $0


14



- $33,885 $33,885 -1 -1


Total Unfunded (Pending) Decision Items $0

$75,764 $75,519 $0 $0

Total Unfunded Items $0 $119,548 $3,099,026- $6,099,026

$7,723,507- $10,723,507

$23,507

Department of Labor and Employment



Department of Local Affairs


Roadmap Goals Assumptions Aligning Technology with Business Objectives Business Objectives Top Initiatives IT Roadmap Overview Financial Overview Glossary Appendix A: Technology Forcasts Appendix B: Statewide Initiative Roadmap Appendix C: Unfunded Event Breakdown

Table of Contents

2


Roadmap Goals


and refresh





selection



provided by vendors




and desktop groups




horizon


3


year. This initial document serves as a baseline; timelines and costs estimates are subject to changes.




• For Decision Items, cost allocation to the customer is based on OIT’s current Common Policy rates.

• The Enterprise or Support Agreement is currently not in place for Microsoft; therefore, cost is incurred for upgrades and support of infrastructure and end-user equipment.

• PC refresh rate of 25% per quarter.

• There will be a regular network refresh.



Assumptions

4


DOLA’s mission is to strengthen communities and enhances livability in Colorado by providing accessible assistance in the following areas: equitable and consistent implementation of property tax laws, community development that is revitalizing and sustainable, financial support for community needs, and safe, affordable housing.



service



applications





5

Technology lifecycles are much shorter than the DOLA business cycle; therefore, planning technology changes to fit DOLA’s business initiatives is one way to help improve business.

The mission of DOLA is to strengthen Colorado communities. This page highlights the overarching objectives that DOLA identified in their annual performance plan that will have the biggest impact in achieving their mission.

Business Objectives

#1- Property Tax

#2- Safe Affordable Housing

The Division of Property Taxation has a goal of: OIT’s upgrade of the Oracle instance used by this division, supports property tax exemptions for seniors and veterans. Support will include information sharing with Revenue and Human Services.

•Providing state and federal funding to private housing developers •Offering Housing Choice Voucher rental assistance •Certifying all factory/manufactured structures built in or shipped to Colorado

#3- Broadband Initiative

•Improve broadband service to constituents. •Enhance economic development •Promote inter-jurisdictional communication •Support better access to services available over broadband

6

•Distance Learning, Telemedicine

•Ensuring equitable and consistent implementation of property tax laws. •Valuate fire and flood affected properties in Colorado. •Expand of Disabled Veterans exemption program.

Improve the access of all Coloradans to decent, affordable housing by: OIT supports Applications that manage Section 8 housing and interfaces with the Grants Management Systems.

Support efforts to: OIT promotes broadband initiatives that concern local government.

The Division of Housing is requesting the implementation of a SIPA Transaction Payment Engine feature to collect various fees online from external customers. Additionally, the customer would like an interface built between CORE and the CODES application to upload the fee payment information.

OIT is developing a data warehouse application through Salesforce, that will include participation by Office of Economic Development & International Trade, the Department of Agriculture, as well as Boulder and Longmont counties. The application will track and manage 300 million dollars of flood disaster relief funds and allow tracking and reporting of disbursements to the federal government (Community Block Grant Disaster Recovery).

Top IT Initiatives

Below are a few high priority DOLA technical initiatives that are being undertaken over the next five years. Timelines for these initiatives are represented on the IT Roadmap Overview.

Community Development Block Grant - Disaster Recovery

Division of Housing - SIPA Payment Engine

7

The BAA hears appeals of decision made by county boards of equalization, county boards of commissioners and the State Property Tax Administrator relating to valuation, classification and exemption of property for property tax purposes. Prior to the initiation of DOLA-BAA-Online Filing of Petitions, all forms were filed in paper form by hand or mail. Data from the forms was manually input into the database by BAA staff. The current project will provide the ability to file the petition forms online. Additional project work will be required to provide a similar mechanism for stipulation and withdrawal forms.

Board of Assessments and Appeals - BAA Online


* Enterprise event/initiative; see Appendix B: Statewide Initiative Roadmap 1 Unfunded: see Appendix C: Unfunded Event Breakdown for details 2 OIT initiative that still needs to be planned with the agency

Init

iati

ves

Infr

astr

uct

ure

Ser

vic

es

To

ols

Bu

sin

ess

Init

iati

ves

MIPC




BAA Online


SIPA Payment Engine





8

Asset Discovery, Endpoint Mgmt (SCCM)*

Tec

hn

olo

gy

Ev

ents

Community Development Block Grant


Grants Management*

Redundant Router1

Service Desk 24X7*

CCLAN (Edge)1

Network/Database Monitoring

(SolarWinds)*1


Network Equipment

Refresh

Network Equipment

Refresh

Financial Overview


Tools $4,593 $4,500 $4,500 $4,500 $4,500

Applications $130,570 $22,320 $22,320 $24,320 $22,320

Infrastructure Services - - $82,729 $83,554 $84,360


Total Unfunded * $135,1631 $39,431 $41,203 $26,820 $26,820



Below is a summary or the estimated unfunded components of DOLA’s technology roadmap. Detailed breakdown can be found in Appendix B.


9

DOLA’s Unfunded Technology Outlook

*For context, DOLA’s total FY14 IT spend was $1,602,484 1 No supplementals have been requested; this total represents the technology debt that DOLA is acquiring in FY16

Glossary & Acronyms










CCLAN (Edge) Command Center Local Area Network


10

Glossary & Acronyms

Endpoint Encryption


Enterprise Wireless

The Enterprise Wireless project will make secure wireless Internet accessible to all OIT customers. Implementing wireless Internet accessibility responds to the needs of our customers for a basic and expected business service. This project was an OIT FY16 Decision Item that is billed back to the agencies based on full time equivalent (FTE).



HIPAA Health Insurance Portability & Accountability Act of 1996 requires the state to protect patients’ medical information

HRIS The Human Resources Information System (HRIS) project is well underway and will allow State of Colorado agencies to have a consistent approach for common HR processes and create a single source of truth that can be accessed by HR state employees with proper credentials.






Glossary & Acronyms

Salesforce The Colorado Salesforce Program is a program team under the Colorado Governor’s Office of Information Technology’s (OIT) Enterprise Applications Team. The solution was to consolidate governance, processes and standards of all Salesforce-related services into one program, while leveraging our agency customer’s input, experience and feedback on what they wanted from their IT provider. The result has been a grassroots approach, building the entire program from the ground-up, and bridging the gap between OIT functional groups, executive-level agencies, and government organizations spanning the entire state of Colorado.

SIPA State Internet Portal Authority is a body corporate and political subdivision of the state, governed by a 15-member Board of Directors. SIPA assists governments to implement or improve their digital solutions with cost saving results.

Redundant Router

This is a networking device that forwards data packets between computer networks.




13

Appendix A

Technology Forcasts

Long Term Trends

Our vendors provided technology forecasts for 18-24 months. For longer term forecasts (five years), vendors provided technology themes, always oriented to competitive IT goals of increasing performance and reducing cost.

• Continuing price declines and increasing power will be used to provide increasing ease of use and flexibility • Planned obsolescence will continue – we will be fortunate to get four to five years from hardware or software • Security concerns will grow and force changes independent of business needs • Mobility and portability of information will continue to increase

Server Hardware • Newer chips with faster internal networks and more memory. Cisco forecasts 100Gb internal bus speeds ~2017 • Converged server technology, eliminating need for Commvault

Network • Increases in speed and bandwidth supporting data/voice (video) • >10Gb desktops, 40 Gb backbone common • Software defined networking • Wireless improvements • Focus on size reduction and mobility

Desktop • Move to thin client (VDI) Enterprise Software • Increase in commercial off-the-shelf solutions • Increased web presence • Software as a Service (SaaS)

Appendix B


usi

nes

s A

pp

s

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols




Backup Colorado

Enterprise Wireless



24 x 7 Service Desk




CORE

HRIS






Single Sign-On



Endpoint Encryption

14


Appendix C



Below is an itemized summary of the estimated unfunded components of DOLA’s technology outlook.


Domain Controller $2,000 - - $2,000

CCLAN (Edge) $75,000 $11,250 $11,250 $11,250 $11,250

Redundant Router $50,000 $7,500 $7,500 $7,500 $7,500

Windows 10 Migration $3,570 $3,570 $3,570 $3,570 $3,570


15

Unfunded Tools

SCCM $4,593 - - - -

SolarWinds $30,000 $4,500 $4,500 $4,500 $4,500



Advanced Security Analytics/Threat Discovery (Secure CO Part A)

-

$5,640

$5,640 TBD1 TBD1

Identity Management (Secure CO Part B)

- $6,971 $6,930 TBD1 TBD1

Enterprise Tools - - $1,813 TBD1 TBD1


$0 $12,611 $14,383 $0 $0



Department of Local Affairs



Department of Military & Veterans Affairs



Table of Contents

2


Roadmap Goals


and refresh





selection



provided by vendors




and desktop groups




horizon


3




• Infrastructure needs to be maintained for FTI/HIPAA/PII/FBI compliance

• Estimates based on initial quote/vendor information and/or past initiatives are subject to change

• No enterprise or support agreement currently in place for Microsoft; therefore cost is incurred for upgrades and support:

• Four year work station refresh schedule

• Infrastructure seven year refresh schedule (servers, network equipment, etc.)

• Staffing remains constant

• For Decision Items, cost allocation to customer is based on OIT’s current Common

Policy rates

Assumptions

4

• Infrastructure - pursuing option to fund Microsoft upgrades and support over a recurring three year term rather than front end buy; ensure licensing compliance

• End user equipment - current funding sources for upgrades and refreshes are sufficient whether using the current OEM model or the Microsoft services model; will not move to Office 365.


DMVA is made up of three divisions: National Guard, Civil Air Patrol, and Veterans Affairs.



service



applications





5

Technology lifecycles are much shorter than the DMVA business cycle; therefore, planning technology changes to fit DMVA’s business initiatives is one way to help improve business.

DMVA’s mission is to “provide guidance, support, and legislative coordination to the divisions of the Colorado National Guard, Civil Air Patrol, and Veterans Affairs enabling the divisions to assist Colorado’s Veteran Community; and to provide ready forces at home or abroad, protecting the citizens and property of Colorado and the United States of America”. This page highlights the overarching objectives that DMVA identified in their annual performance that will have the biggest impact in achieving their mission.

Business Objectives

#1- Improve Disaster Response Coordination

#2- Expand Services Provided to Underserved Veterans

DMVA has proven resilient in the face of adversity and capable of meeting the significant challenges posed by natural disasters, to include fires and floods. It is the goal of the Department to learn from these experiences and constantly update the response provided to the state in such a way that is both proactive and generates greater coordination and cooperation with intra-state agencies as well as local and national partners.

Rural and student veterans stand out as being underserved within the state, and access to support services and peer-specific community is a problem for both groups. The preponderance of resources, including hospitals, support groups, student veteran chapters and veterans cemeteries are located along the I-25 corridor. DMVA seeks to update and improve those services it provides beyond this corridor. These consist primarily of grants and the Veterans Memorial Cemetery in Grand Junction, Colorado. By providing grants which support transportation for veterans to appointments and counseling services, both the Veterans Trust Fund and the Veterans Assistance Grant provide support to veterans across the state.

#3- Provide Low-Cost Disaster Recovery Mitigation Services

The Colorado Wing of the Civil Air Patrol provides a low-cost aviation capability that can be utilized by law enforcement, local responders and other entities before, during and after a disaster strikes. DMVA seeks to provide these services with the same standard of professionalism and dedication that it has in the past, while working to share the message of what it provides to a broader audience.

6

OIT has placed two IT Professionals onsite at DMVA to provide 24x7 support of the DMVA IT applications and computer equipment. This includes support for email, business applications, and desktop and laptop equipment. Ongoing IT support is used to support the DMVA business objectives detailed on the previous page.

A large amount of the DMVA IT infrastructure (computer servers, storage devices, network equipment) is either past or nearing the end of its useful life and needs to be replaced to ensure consistent, uninterrupted IT service for DMVA members. OIT is working with DMVA leadership to develop and implement a plan to upgrade and/or replace this aging equipment. The IT Infrastructure is used to support the DMVA business objectives detailed on the page above.

Top IT Initiatives

Below are a few of the most high priority DMVA technical initiatives that are being undertaken over the next five years. Timelines for these initiatives are represented on the IT Roadmap Overview.

Improve and Upgrade IT Infrastructure

Ongoing IT Support

7



Init

iati

ves

Bu

sin

ess

Ap

ps

In

fras

tru

ctu

re S

erv

ices

T

oo

ls

Bu

sin

ess

Init

iati

ves

Windows 10 Migration - on an attrition basis *

Improve Disaster Response Coordination*


Advanced Security Analytics/ Threat Discovery

(Secure Colorado Part A)1


Improve & Upgrade IT Infrastructure

8


(SCCM)*

Tec

hn

olo

gy

Ev

ents

Expand Services Provided to Underserved Veterans*

Provide low-cost disaster mitigation services*

Financial Overview


Infrastructure Services $10,000 $67,000 $42,000 $6,000


Total Unfunded* $10,0001

$82,873 $5,790 $42,000 $6,000



Below is a summary of the estimated unfunded components of DMVA’s technology roadmap. A detailed breakdown can be found in Appendix B.


9

DMVA’s Unfunded Technology Outlook

* For context, DMVA’s FY14 total IT spend was $741,851 1No supplementals have been requested; this total represents the technology debt that DMVA is acquiring in FY16

Glossary & Acronyms







The Systems Center Configuration Manager allows administrators to manage large groups of Windows-based computer systems. SCCM helps deskside administrators to provide their users with operating systems, applications, and updates virtually. Currently there are implementation efforts moving across seven agencies.


Backup Colorado Phase II will identify and implement a single backup and recovery solution for all critical applications supported by OIT. This project was an OIT FY16 Decision Item that is billed back to the agencies based on CSN circuits, and servers being hosted and housed by OIT.




10

Glossary & Acronyms

Enterprise Wireless





HIPAA Health Insurance Portability & Accountability Act of 1996; which requires the state to protect patients’ medical and personal information.



Secure Colorado is OIT’s statewide strategic security plan. OIT has requested $1,235,922 for FY17, $1,228,676 for FY17 to implement an identity management tool across the state that would allow OIT to detect and remove dangerous and costly orphaned accounts and expedite the new employee system provisioning process.







Appendix A


usi

nes

s A

pp

s

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols




Backup Colorado

Enterprise Wireless



24 x 7 Service Desk




CORE

HRIS






Single Sign-On



Endpoint Encryption

12


Appendix B



Below is an itemized summary of the estimated unfunded components of DMVA’s technology outlook.


IT Infrastructure Upgrades2 $10,000 $67,000 $42,000 $6,000

Total Unfunded Infrastructure $10,000 $67,000 $42,000 $6,000

1Decision Item cost allocation is absorbed into Common Policy after the first two years; Once absorbed into Common Policy, different and pending rates may apply. 2 Final planning for this Infrastructure Refresh Plan is underway between OIT and the DMVA IT Liaison. At the point of the publishing of this document, funding for this plan has not been allocated. 13



- $13,399 $13,399 -1 -1

Identity Management (Secure CO Part B)

- $16,560 $16,463 -1 -1

Enterprise Tools (SCCM) - $4,274 - -1 -1


$0 $29,595 $33,135

$0

$0


Department of Military and Veterans Affairs



Department of Natural Resources



Table of Contents

2


Roadmap Goals


and refresh





selection



provided by vendors




and desktop groups




horizon


3







• Enterprise or Support Agreements are currently not in place for Microsoft; therefore, cost is incurred for upgrades and support of infrastructure and end-user equipment.

• I.P.A.W.S. implementation fall of 2016.

• 25% per Quarter for desktop refresh.

• Network refresh at remote parks.

• Staffing does not remain constant.

• Certain projects and initiatives that are dependent upon the approval and/or completion of preceding initiatives.

Assumptions

4


The Department of Natural Resources is charged with:



service



applications





5

Technology lifecycles are much shorter than the DNR business cycle; therefore, planning technology changes to fit DNR’s business initiatives is one way to help improve business.

•The financial sustainability of Parks and Wildlife Programs •Managing State Lands to promote recreation •Protecting Gas and Water Resources

The mission of DNR is to oversee parks, wildlife, water resources, geology, mining, and soil management. This page highlights the overarching objectives that DNR identified in their annual performance plan that will have the biggest impact in achieving their mission.

Business Objectives

#1- Manage, enhance, preserve State lands

#2- Conserve and protect Colorado’s water to achieve:

•Define, develop and implement Colorado Beautiful •Manage state lands to promote outdoor recreation •Generate reasonable and consistent income Implementation of the Integrated Parks and Wildlife System (IPAWS) supports this initiative by providing a single portal for Licensing, Permitting, and education.

•A productive economy that supports cities •An efficient and effective water infrastructure •Strong environment that includes healthy watersheds, rivers and streams OIT’s supports the Division of Water Resources, with technology programs surrounding Groundwater Use and Measurement, Riverwatch, and the Instream Flow Database.

#3- Balance responsible development of energy and mineral resources

•Adopt rules implementing Governor’s Task force recommendations •Inspect 90% of all high risk wells and mines •Resolve 90% of citizen complaints received by COGCC OIT supports the Oil and Gas Commission with technology around a public Web instance, and e-forms for document control.

6

Colorado Parks are revenue generators for the Department of Natural Resources. With the advent of IPAWS, VOIP, and other Network related technology, the aging network technology and infrastructure must be upgraded to handle the increasing demand for bandwidth. There is a need for an enhanced support model for the remote parks, as many are using technology that is not supported by OIT.

Colorado Parks and Wildlife (CPW). CPW collects fees for fish/hunt licenses, park passes, campground reservations, and for registering boats and off-highway vehicles. TLS (Total Licensing System) processes hunt/fish license sales. PARKS (Parks Automated Records Keeping System) accounts for sales of parks passes and for sales made through VRS (Vehicle Registration System) and CRS (Campground Reservation System). The primary goal of this project is to have an integrated parks and wildlife system that includes current and enhanced business functionality, upgraded technology that supports agency and public needs, and provides one-stop shopping for outdoor recreationists.

Top IT Initiatives

Below are a few of the most high priority DNR technical initiatives that are being undertaken over the next five years. Timelines for these initiatives are represented on the IT Roadmap Overview. Integrated Parks and Wildlife System (IPAWS)

Replace aging Network Infrastructure

7

Application Development of Pre Licensing Draw for Large Game. This project is 1 Of 3 which collectively will replace the CORIS-INFORMIX application and system platform. The products of these projects are application redevelopment deliverables that move the application and database storage technologies from INFORMIX to .NET & SQL server. The CORIS system is operating on a legacy platform that requires unique and expensive skill sets to maintain. Its architecture is fairly inflexible and cannot take advantages of the latest development technologies. Moving it to .NET & SQL server positions the application into a more standardized solution which is prevalent in the industry and within state government.

CORIS - NxGen Development



Init

iati

ves

Bu

s.

Ap

ps

In

fras

tru

ctu

re S

erv

ices

T

oo

ls

Bu

s.

Init

iati

ves










8

Network/ Database Monitoring

(SolarWinds NPM)*1

Tec

hn

olo

gy

Ev

ents

iPAWS

NxGen/CORIS

Hosted Support for VOIP System1

CommVault


Document Management System Conversation (Laserfiche Replacement)1


MIPC vs CISCO

PC Refresh @ 25%


Service Desk 24X7*

Financial Overview



Tools $49,000 $12,000 $12,000 $12,000 $12,000

Infrastructure Services $1,436,650 $870,650 $657,400 $482,400 $456,750


Total Unfunded* $1,485,6501 $1,145,117 $776,601 $494,400 $468,750



Below is a summary or the estimated unfunded components of DNR’s technology roadmap. Detailed breakdown can be found in Appendix B.


9

DNR’s Unfunded Technology Outlook

* For context, DNR’s FY14 total IT spend was $16,864,925 1No supplimentals have been requested; this total represents the technology debt that DNR is acquiring in FY16

Glossary & Acronyms







The Systems Center Configuration Manager allows administrators to manage large groups of Windows-based computer systems. SCCM helps Deskside administrators to provide their users with operating systems, applications, and updates virtually. Currently there are implementation efforts moving across 7 agencies.






10

Glossary & Acronyms

Enterprise Wireless








Laserfiche Laserfiche is a 3rd party vendor application, document management and scanning system.


Network/ Database Monitoring Tool Implementation (Solarwinds)

Solarwinds is a system that monitors IT infrastructure such as networks and servers, and can identify performance problems that could affect user access to applications. Solarwinds can automatically respond in various ways, from simply notifying support staff via email or text message, to even initiating actions such as rebooting devices. OIT is currently deploying Solarwinds across all of our supported agencies. The initial deployment will monitor network segments and devices only, and eventually we will configure it to monitor servers and applications.




Appendix A


usi

nes

s A

pp

s

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols




Backup Colorado

Enterprise Wireless



24 x 7 Service Desk




CORE

HRIS






Single Sign-On



Endpoint Encryption

12


Appendix B



Below is an itemized summary of the estimated unfunded components of DPA’s technology outlook.


Network Refresh/switches/routers

/remote site support $1,395,000 $829,000 $615,750 $440,750 $456,750

Windows 10 Migration $41,650 $41,650 $41,650 41,650 -

Total Unfunded Infrastructure $1,436,650 $870,650 $657,400 $482,400 $456,750

1Decision Item cost allocation is absorbed into Common Policy after the first two years; once absorbed into Common Policy, different and pending rates may apply. 13

Unfunded Tools

SolarWinds $49,000 $12,000 $12,000 $12,000 $12,000




-

$48,101 $48,101

-1 -1

Identity Management (Secure CO Part B) -

$59,449 $59,100 -1 -1

Enterprise Tools - $154,917 - - -


$0 $262,467 $107,201 $0 $0

Total Unfunded Items $1,485,650 $1,145,117 $776,601 $494,400 $468,750

Department of Natural Resources



Department of Regulatory Agencies



Table of Contents

2


Roadmap Goals


and refresh





selection



provided by vendors




and desktop groups




horizon


3

• Decisions related to major agency initiatives or projects may alter this plan • Infrastructure and security needs will be maintained for FTI/HIPAA/PII/FBI

compliance • Cost estimates are based on initial quote/vendor information and/or past

initiatives are subject to change • For Decision Items, cost allocation to customer is based on OIT’s current Common

Policy rates • Enterprise or support agreement currently not in place for Microsoft; therefore,

cost is incurred for upgrades and support of infrastructure and end-user equipment

• Three year replacement cycle for desktops and laptops • Once OIT procures an enterprise Microsoft Licensing Agreement available to all

state agencies, DORA would migrate to that Enterprise License Agreement • Staffing levels remain consistent • Certain projects and initiatives that are dependent upon the approval and/or

completion of preceding initiatives • This roadmap functions as a living document which will be updated twice per


Assumptions

4


DORA is made up of ten divisions: The Executive Director’s Office (including the Office of Policy, Research and Regulatory Reform), the Division of Banking, the Division of Civil Rights, the Office of Consumer Counsel, the Division of Financial Services, the Division of Insurance, the Public Utilities Commission, the Division of Real Estate, the Division of Professions and Occupations, and the Division of Securities.



service



applications





Technology lifecycles are much shorter than the DORA business cycle; therefore, planning technology changes to fit DORA’s business initiatives is one way to help improve business.

5

DORA’s mission is to “preserve the integrity of the marketplace and promote a fair and competitive business environment”. This page highlights the overarching objectives that DORA identified in their annual performance that will have the biggest impact in achieving their mission.

Business Objectives

#1- Increase Public Trust and Confidence

#2- Improve Public Protection Through Effective Regulation

Increasing public trust and confidence includes the migration of legacy licensing, payment, registration and filing functions to enterprise online platforms and portals. Additionally, this initiative would include the adoption of a common electronic platform for case management systems.

Improving public protection includes modernization of technology solutions to streamline investigations, examinations, audits, licensing, inspections and complaint resolution. Modernization of public protection processes ensures more timely and prompt responses.

#3- Assure DORA is Accessible and Responsive

#4- Expand Outreach to and Engagement with the Public

To ensure that DORA is accessible and responsive, a specific group will be created to identify and prioritize projects. This group, currently called the “Prosumer” group, encompasses the IT steering committee. Additionally, internal and external communication strategies should be improved with simpler, technology supported processes for improved complaint filing for customers.

Improving the ability to reach the public using multiple communications mechanisms to include reaching both professional licensees and businesses as well as consumers. Refreshing DORA’s Internet presence and the development of mobile applications expand the ability to reach more of DORA’s consumers.

6

Numerous internal solutions, primarily infrastructure related, have been funded from a specific DORA IT budget. As OIT enterprise solutions have evolved, especially around network, server, and voice systems, DORA should consider migration to enterprise solutions. Possible enterprise migrations include:

● MIPC voice system migration ● Wireless ● Security (firewalls and web content filtering as part of Secure Colorado) ● Microsoft Enterprise Agreement (if applicable)

The Public Utilities Commission (PUC) at DORA currently uses three major systems to support business functions. The three primary systems are the Integrated Filing Management System (IFMS), Consumer Complaints Tracking System (CCTS), and the Operating Rights (OpRights) system were all developed more than a decade ago using the PowerBuilder development platform. The division is aware that these systems need to be replaced as the current support staff from OIT is nearing retirement. The determination of a funding mechanism for these systems has not yet been addressed. It’s quite likely a Decision Item will be necessary unless the division can determine another mechanism for funding.

Top IT Initiatives

Below are a few high priority DORA technical initiatives that are being undertaken over the next five years. Timelines for these initiatives are represented on the IT Roadmap Overview.

Public Utilities Commission System Refresh

Migration to OIT Enterprise Solutions

7

Enterprise Case Management

The need throughout the department for case management is pervasive. Many divisions have a need for some form of case management and most divisions have some type of solution. Migration to an enterprise solution provides an opportunity for cost savings and collaboration as well as the potential streamlining of cases across divisions or departments.

Top IT Initiatives

Enterprise Inspections Management

Numerous divisions within DORA conduct inspections of various licensees or regulated entities. Current inspection solutions include paper forms to custom built applications. Migration to an enterprise inspections solution would provide efficiencies with respect to conducting an inspection as well as reporting the results and interfacing with the inspected licensee or regulated entity.

8

IT Roadmap Overview


* Enterprise event/initiative; see Enterprise Roadmap Overview in Appendix 1 Unfunded: see Appendix B: Unfunded Event Breakdown for details 2 OIT initiative that still needs to be planned with the agency

Init

iati

ves

Bu

sin

ess

Ap

ps

In

fras

tru

ctu

re S

erv

ices

T

oo

ls

Bu

sin

ess

Init

iati

ves




Windows 2003 Server migrate to 2012*

Modernize legacy licence, registration and filing systems

Compliance monitoring and complaint resolution system modernization

Enterprise Case Management (SF)

PUC System Refresh 1

Review Phone/ MIPC Options

Enterprise Inspections Solution (SF)

Expand citizen engagement through mobile


Enterprise Firewall Solution (Palo Alto)*



Adopt common electronic platforms

Internal Vulnerability Scan

Automation1



9

Tec

hn

olo

gy

Ev

ents

Financial Overview


Tools - - $18,400 $8,425 -

Applications - - $1,400,000 $187,795 $187,795



Total Unfunded Tools* $0 $61,314 $1,523,256 $268,137 $268,137



Below is a summary of the estimated unfunded components of DORA’s technology roadmap. Detailed breakdown can be found in Appendix B.


10

DORA’s Unfunded Technology Outlook

*For context, DORA’s FY14 total IT spend was $3,960,899

Glossary & Acronyms






The Systems Center Configuration Manager allows administrators to manage large groups of Windows-based computer systems. SCCM helps deskside administrators to provide their users with operating systems, applications, and updates virtually. Currently there are implementation efforts moving across seven agencies.

Backup Colorado Phase II Backup Colorado Phase II will identify and implement a single backup and recovery solution for all critical applications supported by OIT. This project was an OIT FY16 Decision Item that is billed back to the agencies based on CSN circuits, and servers being hosted and housed by OIT.




11

Glossary & Acronyms





HIPAA Health Insurance Portability & Accountability Act of 1996; which requires the state to protect patients’ medical and personal information. .



Secure Colorado is OIT’s statewide strategic security plan. OIT has requested $1,235,922 for FY17, $1,228,676 for FY17 to implement an identity management tool across the state that would allow OIT to detect and remove dangerous and costly orphaned accounts and expedite the new employee system provisioning process.






Appendix A


usi

nes

s A

pp

s

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols




Backup Colorado

Enterprise Wireless



24 x 7 Service Desk




CORE

HRIS






Single Sign-On



Endpoint Encryption


13



Below is an itemized summary of the estimated unfunded components of DORA’s technology outlook.


Phone/MIPC Migration1 - - $80,342 $80,342 $80,342

Total Unfunded Infrastructure $0 $0 $80,342 $80,342 $80,342


PUC System Refresh1 - - $1,000,000 $100,000 $100,000

Enterprise Case Management (ECaM)2 - - $200,000 $50,400 $50,400

Enterprise Inspections Solution3 - - $200,000 $37,395 $37,395

myColorado4 - - - - -

Total Unfunded Applications $0 $0 $1,400,000 $187,795 $187,795

1 MIPC migration based on estimates of past phone equipment lease over three year period. 2 ECaM solution based on 38 staff members in the Civil Rights division and 88 users in the Public Utilities Commission at $400 per license with an initial implementation cost of $200,000. 3 Based on $660 per user license cost for InspectThis application with initial implementation and customization in first year. 4 Implementation of service from eLicense vendor to provide search capabilities for licensing systems for two DORA divisions to an Enterprise Service Bus. 14


Unfunded Tools



Total Unfunded Tools $0 $18,400 $8,425 $0 $0



- $19,193 $19,193 -1 -1


Enterprise Tools (Asset Discovery, Endpoint Management)

- - - -1 -1


$0 $42,914 $42,774 $0 $0


Total Unfunded Items $0 $61,314 $1,523,256 $268,137 $268,137

1Decision Item cost allocation is absorbed into Common Policy after the first two years; Once absorbed into Common Policy, different and pending rates may apply. 15

Department of Regulatory Agencies



Department of Revenue



Table of Contents

2


Roadmap Goals

3


and refresh





selection



provided by vendors




and desktop groups




horizon


3







• Enterprise or Support Agreements are in place for Oracle, RedHat/Linux, CommVault and VMWare; therefore, additional cost will not be incurred for upgrades and support for the life of the contract.

• Enterprise or Support Agreement currently not in place for Microsoft; therefore, cost is incurred for upgrades and support of infrastructure and end user equipment.


• Certain projects and initiatives may be dependent upon the approval and/or completion of preceding initiatives.

Assumptions

4


The Department of Revenue’s business of providing taxes, permits, and licenses remains consistent each year. Planned obsolescence and consumerization of technology has made technology lifecycles much shorter than the DOR business cycle. Planning technology changes to fit DOR business initiatives is one way to help improve this situation.

● Improving quality and reliability of service ○ Replace aging systems with updated and more functional tools ○ Support new technical platforms such as mobile applications and customer self-

service



applications





5

Many of DOR’s regulatory functions exist to protect the public. Along with collecting taxes, providing driver’s licenses, vehicle titles and registration, the department enforces laws regarding gaming, racing, auto dealers, liquor, tobacco and marijuana.

This page highlights the prioritized objectives that DOR identified in their annual performance plan that will have the biggest impact in achieving their mission.

Business Objectives

#1- Department of Motor Vehicles

#2- Taxation

The Division of Motor Vehicles (DMV) serves walk-in customers, operates a Driver Call Center and offers online renewal for driver’s license and identification cards for two consecutive renewal cycles. The department is striving to reduce in-person and caller wait times while increasing the use of online tools. Target metrics are: • Driver Call Center - 8 minutes (50%) • Online Driver’s License Renewal (+5%) • Wait time for driver’s license and titles & registrations - 15 minutes

DOR continues to improve its online services that provide customers information as well as the ability to file returns and query their account status. It is envisioned that by expanding this online service, calls to the Tax Call Center will be reduced over time. DOR also strives to increase the number of returns filed online. Target metrics are: • Tax Call Center – 9:30 minutes; reduce annually • E-file returns – 82.8% income, 60.7% sales; increase annually.

#3- Enforcement

DOR continues its commitment to reviewing and issuing liquor licenses as soon as possible upon receipt of local approval. The Liquor and Tobacco Enforcement Division strives to approve new liquor licenses within 90 days of receipt. The Marijuana Enforcement Division strives to process retail marijuana license applications within 90 days of receipt. Target metrics are: • Liquor license processing – 90 days (75%) • Marijuana license processing - 90 days (100%) 6

Driver’s License and ID (DLID) is the project that implements a new vendor solution for the actual card production of driver’s license and identification documents.

Driver License, Record, Identification and Vehicle Enterprise Solution (DRIVES) is the DMV modernization project for the driver's license and title and registration systems. This project encompasses a vendor hosted solution and is being addressed in two phases: Phase I is Driver’s License System and Phase II is Titles and Registration Systems.

Top IT Initiatives

Below are a few of the highest priority DOR technical initiatives that will be launched over the next five years. Timelines for these initiatives are represented on the IT Roadmap Overview. DRIVES Project

Driver’s License and ID Project

7

Wait Less is an initiative to replace existing customer service kiosks for motor vehicle transactions in 16 locations and to deploy new kiosks in all remaining driver's license offices.

Wait Less

The Pipeline Initiative is a project to modernize and streamline the current state tax intake process and processing of tax related documents.

Pipeline



Init

iati

ves

Bu

sin

ess

Ap

ps

T

oo

ls

Bu

sin

ess

Init

iati

ves


TPS FAX

Pipeline

Application Modernization 1

Decommission Legacy DMV Apps

DRIVES


TPS Voice Upgrade


8

Decommission CSTARS/Informix

Decommission DLS/Adabase


(SCCM)*

Wait Less

DLID

EBG Wireless

Casino EZ File to GenTax

Application Portfolio Management1

Database & Network Monitoring

(SolarWinds)*1

Human Resources Information System (HRIS)*

Infr

astr

uct

ure

S

erv

ices

Tec

hn

olo

gy

Ev

ents

Nortel Legacy PBX Replace-EOL (MIPC change request)1

Enterprise Firewall Solution (Palo Alto)*

Backup Colorado*



Infr

astr

uct

ure

Ser

vic

es


(ASR)1

Network Refresh: DLO and Gaming 1


Network/Database Monitoring (SolarWinds)*

Network Refresh: Marijuana,

Enforcement, Racetrack, Pierce,

Annex1




9

Tec

hn

olo

gy

Ev

ents

UCS Refresh 1

Tape Drive Refresh 1

Storage Encryption 1

Server Tumbleweed Replacement 1

DOR Desktop Printer, Workstation Refresh, CSTARS - 4-year Refresh 1

Software Upgrades (Microsoft, MSSQL Oracle, RedHat / Linux, CommVault)1

Bandwidth Upgrades: Kipling,

E-Fort 1


DOR Wireless Implementation 1

VMWare (10 license increase)1


(Nexus)1

Financial Overview


Applications - $20,000 - - -

Tools - $200,000 $28,500 $28,500 $28,500

Infrastructure Services $6,000 $1,633,096 $1,096,478 $1,333,915 $456,315


- $891,699 $1,055,360 TBD TBD


$2,744,795 $2,180,338 $1,362,415 $484,815



Below is a summary of the estimated unfunded components of DOR’s technology roadmap. Detailed breakdown can be found in Appendix B.


10

DOR’s Unfunded Technology Outlook

* For context, DOR’s total FY14 IT spend was $31,145,728 1 FY16 DOR supplementals requested was rejected; this total represents the technology debt that DOR is acquiring in FY16

Glossary & Acronyms








Application Modernization

An enterprise initiative to modernize existing, needed applications to supported platforms in order for them to function with newer OS, database, etc. versions.



Casino EZ File(CEZFS) to Gen Tax

CEZFS is the application used by business licensees to file their gaming tax returns and submit tax payments each month, file their device (slot machines) tracking, tracking updates and file their annual financial statements. These processes will be removed from the CEZFS application and added to the modern GENTAX application

11

Glossary & Acronyms

Common Policy Most of OIT’s services and functions are covered via Common Policy for a specific length of time. Common Policy bases services on customers, costs, and usage estimates at the start of a fiscal year. The actual usage and amount due are calculated during the fiscal year. Initiatives that are funded through Common Policy do not include agency level enhancements support or maintenance after re-appropriated funds are depleted.

CSTARS CSTARS is the county Titles and registration System used to administer Vehicle Titles and administer license plate issuance in the counties


Decommission CSTARS / Informix

Work efforts to decommission the existing CSTARS application and Informix database upon successful implementation of the DRIVES project.

Decommission DLS / Adabase

Work efforts to decommission the existing Driver License application and Adabse database upon successful implementation of the DRIVES project.

DRIVES Driver License, Record, Identification and Vehicle Enterprise Solution, or DRIVES, is the DMV modernization project for the driver's license and title and registration systems.

EBG Wireless Expansion of wireless capabilities at 455 Sherman Street, 1881 Pierce Street; installation of wireless functionality for the EBG Offices at 1030 South Academy Blvd in Colorado Springs, 632 Market Street in Grand Junction and 275 South Main Street in Longmont.

Endpoint Encryption


Enterprise Wireless


Glossary & Acronyms


FTI Federal Tax Information which the state is responsible for protecting.




Secure Colorado is OIT’s statewide strategic security plan. OIT has requested $1,235,922 for FY17, $1,228,676 for FY17, to implement an identity management tool across the state that would allow OIT to detect and remove dangerous and costly orphaned accounts and expedite the new employee system provisioning process.


Ongoing to institute an IT Network, Systems Infrastructure, and Voice Services refresh programs. This project was an OIT FY16 Decision Item that is billed back to the agencies based on FTE and server count.

ITAM IT Asset Management. Record and track detailed hardware and software inventory information.

PII Personally Identifiable Information which the state is the responsible for protecting.







Glossary & Acronyms

SmartNet Coverage

Network Server for UCS hosts at eFORT.

TPS FAX A project to purchase and implement a fax server process for taxpayer correspondence with the Taxpayer Service Division. A fax server solution will allow the division to improve its interaction with taxpayers, while also reducing ongoing costs.

TPS Voice Upgrade

Upgrading the “Equature” voice recording application will allow the TPS call center the ability to continue to record phone calls and allow management to utilize Equature's screen capture functionality to improve call quality.


Appendix A


usi

nes

s A

pp

s

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols




Backup Colorado

Enterprise Wireless



24 x 7 Service Desk




CORE

HRIS






Single Sign-On



Endpoint Encryption

15


Appendix B



The Department of Revenue’s Change Request for ongoing general funding to maintain technology infrastructure investments was denied. Lack of funding will increase the technical debt as systems become dated and less reliable, and interfere with the department’s ability to achieve the highest level of compliance and customer service possible.


Application Modernization - $20,000 - - -

Total Unfunded Infrastructure $0 $20,000 $0 $0 $0

16

Unfunded Tools

Applications Portfolio Management

- $10,000 - - -

DPA - Database Monitoring (SolarWinds)*

- $40,000 $6,000 (maintenance)

$6,000 (maintenance)


NW Config, Log & Event (Audit & CISO); IP Mgr,

Topology Mapper, Failover, Storage Manager

(SolarWinds)*

- $150,000 $22,500 (maintenance)





Software (Microsoft, Oracle, RedHat/Linux) - $378,315 $378,315 $378,315 $378,315

VMWare (10 license increase) - $61,800 - - -

Desktop Printer - 4 year refresh $6,000 $6,000 $6,000 $6,000 $6,000

Appendix B



Unfunded Infrastructure (cont.)

UCS Refresh - $500,000 - - -

Standards (Tape Drive Refresh) - $86,000 - - -

Network: Marijuana Enf Refresh - - $43,300 - -

Standards (Kipling / eFORT Nexus Refresh, Routers / Switches) - - - $949,600

(Nexus) -

Software (Microsoft, Oracle, RedHat/Linux) - $378,315 $378,315 $378,315 $378,315

VMWare (10 license increase) - $61,800 - - -

Desktop Printer - 4 year refresh $6,000 $6,000 $6,000 $6,000 $6,000

UCS Refresh - $500,000 - - -

Standards (Tape Drive Refresh) - $86,000 - - -

Network: Kipling eFORT Refresh - $240,000 (ASR) - - -

Network: DLO Refresh - $229,800 - - -

Network: Gaming Refresh - $40,700 - - -

Network: Field Audit Refresh - - $37,700 - -

Network: Racetrack Refresh - - $9,000 - -

Network: Pierce / Annex Refresh - - $600,000 - -

Bandwidth: Kipling / eFORT Upgrades - $72,000 - -

$72,000

Leased Space Adjustment - $18,481 $22,163 - -

Total Unfunded Infrastructure $6,000 $1,633,096 $1,096,478 $1,333,915 $456,315

17

Appendix B



18

Total Unfunded Items $6,000 $2,744,795 $2,180,338 $1,362,415 $484,815


Advanced Security Analytics / Threat Discovery (Secure

Colorado Part A) - $44,960 $44,960 TBD TBD

Identity Management (Secure Colorado Part B) - $55,567 $55,241 TBD TBD

Enterprise Tools (End User Config/SCCM) - $0 $231,487 TBD TBD

Nortel Legacy PBX Replace-EOL (MIPC change request)* - $791,172 $723,672 TBD TBD


$0 $891,699 $1,055,360 TBD TBD

•Estimates based on initial quote/vendor information and/or past initiatives, and subject to change.

•Costs rounded to the nearest $100.

•Decisions related to DRIVES implementation may alter this plan (e.g., equipment and infrastructure refreshes).

•Assume infrastructure needs to be maintained for DOR to maintain FTI and other regulatory compliance. Any versions referenced may be modified.

•Enterprise or Support Agreements in place for Oracle, RedHat/Linux, CommVault and VMWare; therefore, additional cost not incurred for upgrades and support.

•No Enterprise Agreement currently in place for Microsoft; therefore cost is incurred for upgrades and support.

•Infrastructure - assume pursuing option to fund Microsoft upgrades and support over a recurring three year term rather than front-end buy; ensure licensing compliance.

•End user equipment - assume current funding sources for upgrades and refreshes are sufficient whether using the current OEM model or the Microsoft services model; will not move to Office 365.

•Assume Kipling/eFORT ASR and Nexus Refreshes will be done individually to strictly adhere to refresh schedules. An alternative is to perform the Nexus Refresh rather than the ASR Refresh in 2016/17.

•Assume no contract escalators.

Notes and Assumptions:

Department of Revenue



Department of Personnel & Administration



Table of Contents

2


Roadmap Goals

3


and refresh





selection



provided by vendors




and desktop groups




horizon


• Decisions related to major agency initiatives or projects may alter this plan. • Infrastructure and security needs will be maintained for FTI/HIPAA/PII/FBI

compliance. • Cost estimates are based on initial quote, vendor information and/or past

initiatives, and are subject to change. • For Decision Items, cost allocation to customer is based on OIT’s current Common

Policy rates. • Enterprise or Support Agreement currently not in place for Microsoft; therefore,

cost is incurred for upgrades and support of infrastructure and end-user equipment.

• Three-year replacement cycle for desktops and laptops. • Once OIT procures an enterprise Microsoft Licensing Agreement available to all

state agencies, DPA will migrate to that Enterprise License Agreement. • Staffing remains constant. • Certain projects and initiatives are dependent upon the approval and/or

completion of preceding initiatives. • This roadmap functions as a living document which will be updated twice per


Assumptions

4


DPA is made up of five divisions: the Executive Director’s Office, Human Resources, Central Services, Accountants and Controls, and Administrative Courts. DPA also includes the State Personnel Board, State Archivist and State Architect.



service



applications





5

Technology lifecycles are much shorter than the DPA business cycle; therefore, planning technology changes to fit DPA’s business initiatives is one way to help improve business.

The mission of the Department of Personnel and Administration is to provide quality services to enhance state government success. This page highlights the overarching objectives that DPA identified in their annual performance plan that will have the biggest impact in achieving their mission.

Business Objectives

#1- Improve DPA Customer Service

#2- Modernize Business Operations

Improving DPA customer service will involve initially conducting a baseline state agency customer service satisfaction survey. The survey will include a minimum of 250 individuals from departments and institutions DPA serves. The survey will be complete by December 31, 2015. In addition to the state agency survey, a public satisfaction survey will be conducted for programs that directly serve the public. The survey will be complete by June 30, 2018. As a result of the survey, DPA will identify areas of improvement and take specific measurable actions to address opportunities to improve customer service.

The modernize business operations goal focuses on two specific objectives, completing the Colorado Operations Resource Engine (CORE) and implementation of an enterprise Human Resources Information System (HRIS). The CORE system involves the completion of the accounts receivable, grants management and vendor self service financial queries. Implementation for the remaining areas is scheduled for completion by June 30, 2016. The implementation of the first four areas of the HRIS (human capital management, timekeeping and leave management, performance management, and benefits administration) is scheduled for implementation by July 1, 2017.

#3- Invest in the Workforce

Investing in the workforce specifically involves increasing employee job satisfaction. The focus of investing in the workforce involves recognizing employees, identifying career paths, and providing training opportunities.

6

The current objective is to implement an HRIS system by July 1, 2017. This implementation includes the four main modules of human capital management, timekeeping and leave management, performance management, and benefits administration. Responses to the RFP have been submitted and are being evaluated. Upon vendor selection, a contract would be negotiated and signed with the intent of meeting the implementation deadline. The entire HRIS system implementation is approximately a $31.3 million initiative that encompasses the Kronos engagement. Personal services over the next five years represents approximately $1.6 million per year of the budget.

Implement the remaining CORE functions by the end of FY15-16. The remaining CORE functions include accounts receivable, grants management and vendor self service financial queries. The accounts receivable and grants management module are scheduled for completion by February 28, 2016. The improvements to the financial queries for vendors is scheduled for completion by June 30, 2016.

Top IT Initiatives

Below are a few of the most high priority DPA technical initiatives that are being undertaken over the next five years. Timelines for these initiatives are represented on the IT Roadmap Overview. CORE Implementation Completion

HRIS Implementation

7

The Department of Corrections (DOC) and the Department of Public Safety (DPS) have a need for time and leave management. OIT and DPA are currently engaged in implementing the Kronos system for DOC and DPS. Business analysts are engaged in initial assessments. The implementation of Kronos is funded as part of the overall HRIS project and comprises approximately $9 million of the budget.

Kronos Implementation for Corrections and Public Safety

Replacement of the Existing Collections System

The current collection system, called CUBS, is used to collect outstanding debts and needs to be replaced. An RFP has been created.

Top IT Initiatives

Consolidation of IT Systems and Architecture

During discussions of the IT 5-Year plan, it has become apparent that DPA has numerous existing systems that are standalone but use similar technologies. OIT should consider consolidation of the supporting technologies (SQL Server databases, IIS web/application servers and physical hardware) to reduce the DPA server footprint. Cost savings, or avoidance, from consolidation and moving to virtual servers presents an opportunity for desktop and laptop replacement plan implementation.

8

Replacement Plan Implementation

DPA currently does not have a replacement plan in place for desktops and laptops. Replacements currently come from dollars within the divisions on an as needed basis. DPA should consider a three or four year replacement cycle for desktop and laptop devices.



Init

iati

ves

Bu

sin

ess

Ap

ps

In

fras

tru

ctu

re S

erv

ices

T

oo

ls

Bu

sin

ess

Init

iati

ves

Single Sign On*




Replacement Plan

CORE

Kronos for CDPS and DOC

Equipment Refresh 1,2

Server Integration

CORE Implementation

Replace Existing Collections System




Consolidation of IT Systems and Architecture



9

Collections System Replacement (CUBS)

HRIS Implementation

Asset Discovery, Endpoint Mgmt (SCCM)*

Tec

hn

olo

gy

Ev

ents

HRIS

Kronos

Financial Overview


Tools - $20,756 $9,479 - -



Total Unfunded $0 $50,725 $115,864 $83,554 $84,360



Below is a summary of the estimated unfunded components of DPA’s technology roadmap. Detailed breakdown can be found in Appendix B.


10 * For context, DPA’s FY14 total IT spend was $5,874,483.

DPA’s Unfunded Technology Outlook

Glossary & Acronyms













11

Glossary & Acronyms

Enterprise Wireless














Appendix A


usi

nes

s A

pp

s

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols




Backup Colorado

Enterprise Wireless



24 x 7 Service Desk




CORE

HRIS






Single Sign-On



Endpoint Encryption

13




Below is an itemized summary of the estimated unfunded components of DPA’s technology outlook.


Equipment Refresh1 $82,729 $83,544 $84,360


1 Equipment Refresh based on 384 devices. Desktop device estimated at $820 and laptop device at $1,031 with 1% increase per year with 80% desktop and 20% laptop. 2Decision Item cost allocation is absorbed into Common Policy after the first two years; once absorbed into Common Policy, different and pending rates may apply. 14

Unfunded Tools



Total Unfunded Tools $0 $20,756 $9,479 TBD TBD



- $13,399 $13,399 -2 -2


Total Unfunded (Pending) Decision Items $0 $29,595 $33,135 TBD TBD

Total Unfunded Items $0 $50,725 $115,864 $83,554 $84,360

Department of Personnel & Administraion



Department of Public Health and Environment



Table of Contents

2


Roadmap Goals


and refresh





selection



provided by vendors




and desktop groups




horizon


•Major agency project decisions may alter this plan (e.g., equipment and infrastructure refreshes).

•Infrastructure and security needs will be maintained for FTI/HIPPA/PII/FBI compliance.

•Cost estimates are based on initial quote, vendor information and/or past initiatives and are subject to change.

•For Decision Items, cost allocation to customer is based on OIT’s current Common Policy rates.

•Enterprise or Support Agreement currently not in place for Microsoft; therefore, cost is incurred for upgrades and support of infrastructure and end user equipment.

•Enterprise Applications group restructure keeps application developer staffing levels constant. Other future reorganizations do not affect the number of front line staff assigned to support CDPHE.

•Staffing remains constant - OIT will maintain staffing level for all operational teams. When vacancies occur, replacements will be hired within three months or temporary staff or contractors will be hired with OIT vacancy savings to we have vacancies, hire replacements within three months to fill the service gap and prevent a backlog of work.

•Agency continues to provide funds to replace at least one-quarter of their workstations each year.

•Change in staff on CDPHE Executive Leadership Team (ELT), Leadership Team (LT) or Business Technology Team (BTT) does not vastly change the direction indicated within this document.

•New technology will be introduced in the next five years that might vastly change these plans. Testing will occur before new technologies are adopted.

Assumptions

4


The responsibility of CDPHE staff and the OIT staff who support this agency is to protect and improve the public’s health and the quality of their environment. Our IT vision is to amplify that passion and impact through technologies that enable employees, customers and constituents to do their best work and create powerful outcomes. We believe in standardizing and simplifying everything we do before using technology to make it even better. We believe in enhancing lives through convenience, speed and transparency. We believe that we promote deeper insights and better conclusions by unlocking the value of our shareable data. We believe in creating seamless and consistent service experiences across our divisions. We believe that we attract, inspire and engage current and future generations of employees by continually evolving how we do work. Above all, we believe that we are a learning organization; one that continually adapts and transforms our processes and technologies to best serve CDPHE’s mission and the needs of our community. We are committed to keeping our existing systems running, minimizing our technical debt and strategically planning for the future.



service ● Reducing cost of service

○ Leverage best practices and standards to deliver consistent and cost effective solutions

○ Introduce new technologies to reduce ongoing support cost ○ Utilize enterprise solutions to reduce cost associated with redundant licensing and

applications ● Minimizing downtime or disruption for maintenance or upgrades

○ Unify technology changes and maintenance ○ Coordinate deployments, moves and changes

● Driving technology-related statutory responsibility and institutional mandates ○ Secure state data and assets ○ Implement data management governance


5

The mission of the Colorado Department of Public Health and Environment is to protect and improve the health of Colorado's people and the quality of its environment. CDPHE anticipates that over the next five years, the following initiatives will have the greatest impact on effectively delivering on its mission:

Business Objectives

#1- Reverse the upward obesity trend by aligning and intensifying efforts to develop a culture of health and creating conditions for Coloradans to achieve healthy weight across the lifespan.

#2- Increase statewide capacity for coordinated obesity surveillance and for creating conditions to achieve healthy weight across the lifespan.

Efforts in the Top IT Initiatives section of this document that relate to this business objective include:


#3- Advance policy and community approaches to improve the social and emotional health of mothers, fathers, caregivers and children.


6

• IT Infrastructure upgrades: indirectly because performing this work relies on having a working computer network. • Laboratory Information Management System (LIMS) • Agency Enterprise Business Intelligence (BI) Tool


• IT Infrastructure upgrades: indirectly because performing this work relies on having a working computer network. • Agency Enterprise Business Intelligence (BI) Tool

Business Objectives

#4- Reduce the burden of depression in Colorado by improving screening and referral practices and reducing the stigma of seeking help for depression, especially among pregnant women, men of working age and individuals who are obese.

#5- Reduce prescription drug overdose death rates of Coloradans ages 15 and older by increasing safe prescribing practices and permanent disposal sites for controlled substances.



#6- Improve air quality by reducing emissions of air pollutants across Colorado.


7

• IT Infrastructure upgrades: indirectly because performing this work relies on having a working computer network. • Agency Enterprise Business Intelligence (BI) Tool


• CIMPLE • Agency Enterprise BI tool • IT Infrastructure upgrades: indirectly because performing this work relies on having a working computer network. • LIMS update: indirectly. Air samples are run by the lab and will be stored in LIMS

Business Objectives

#7- Protect all designated uses for water bodies and drinking water by attaining water quality standards and restoring impaired water quality to attainable standards.

#8- Maintain and improve the sustainability and efficiency of CDPHE programs and infrastructure.


#9- Create healthy people and healthy places throughout Colorado by focusing on health equity and environmental justice


8

• CIMPLE • SharePoint: CDPHE’s Water Quality control Division is currently migrating from Spigot, their 2007 SharePoint system into Aquifer, their 2010 Share Point system. This upgrade referred to within will provide them with their next step forward should they choose to continue to use SharePoint as their main business process automation too. They are currently exploring options for the future. • Agency Enterprise Business Intelligence (BI) Tool • IT Infrastructure upgrades: indirectly because performing this work relies on having a working computer network. • LIMS update: indirectly. Water samples are run by the lab and will be stored in LIMS

All of the efforts described in the Top IT Initiatives section of this document relate directly to this business objective.

• HFEMSD Systems Rewrite: these systems support the regulation of health care facilities throughout Colorado to make sure patients and residents receive at least a standard minimum level of care • CIMPLE • Electronic Birth System Rewrite • IT Infrastructure upgrades • Agency Enterprise Business Intelligence (BI) Tool

CDPHE currently uses SharePoint for a wide variety of services from posting static documents on our Intranet, signing documents, and completing forms online to more complex workflows like the Water Quality Control Division’s (WQCD) tracking of how pollution upstream affects permits for polluting downstream. We are currently doing an analysis of our existing systems to determine if we will upgrade it to a newer version of SharePoint and make it available from outside CDPHE’s network or split up the services and perform them with different solutions. Estimated cost over the next 5 years: $1,100,000

This project is anything but simple. The Acronym stands for “Customer Interface Modernization Project for a Lean Environment”. That is the name of the project, not the application that will result from it. This project represents the first time all four of CDPHE’s Environment Divisions are coming together to build a standard web-based interface with single sign-on for their external stakeholders. This system will also be used by internal staff. Estimated cost over the next 5 years: $6,000,000

Top IT Initiatives

CDPHE is a large and diverse agency that receives funding from, and performs work for, a variety of Federal Government agencies as well as other stakeholders. The OIT staff who support CDPHE generally work on about 40 IT projects at a time and have about 20 on a waiting list. The majority of these projects can be absorbed by existing OIT resources assigned to support CDPHE. Six of the following projects will require additional resources over the next five years. The seventh one has funding but is noteworthy. Timelines for these initiatives are represented on the IT Roadmap Overview slide later in this presentation. Funding amounts are estimates.

CIMPLE

SharePoint Upgrade

9

In CDPHE’s Health Facilities and Emergency Medical Services Division (HFEMSD) we have about 40 IT applications that perform relatively limited business functions. HFEMSD and OIT are currently analyzing those functions to determine the best path forward for these systems. HFEMSD is currently planning to incorporate them all into one large, new system. Estimated cost over the next 5 years: $3,000,000

HFEMSD Systems Rewrite

This is a project to modernize and enhance the functionality of CDPHE’s existing birth system called Vital Records - Colorado Vital Information System (COVIS) Estimated cost over the next 5 years: $1,500,000

Since 2003, the CDPHE Laboratory Services Division (LSD) has been using a Laboratory Information Tracking System (LITS) to track end-to-end laboratory data, processing, and reporting. The system has become outdated and unable to fulfill the needs of the laboratory and our customers. CDPHE is asking for capital development funds to replace this system with a newer version that can meet their current needs. Estimated cost over the next 5 years: $606,743

Top IT Initiatives

Laboratory Information Management System (LIMS)

Electronic Birth System Rewrite

10

The cabling that passes network traffic between building on the main campus and from each building to individual workstations, conference rooms and other areas is aging and the bridge between the B and C building will come down in the next few year. We run cables from B to C across this bridge. We will need to have a trench dug between the buildings through which to run cable. Estimated cost over the next 5 years: $600,000

IT Infrastructure Upgrades

Agency Enterprise Business Intelligence (BI) Tool

Agency Enterprise Business Intelligence (BI) Tool - Priority but may not be a funding request. May be able to pay for this out of existing operating dollars. Estimated cost over the next 5 years: $350,000 (Funded) Funded, but noteworthy since it relates to so many of CDPHE’s strategic goals

CDPHE supports this OIT Initiative. This effort is indirectly linked to all of CDPHE’s Business Priorities. This agency handles a variety of sensitive data and it is our joint responsibility with OIT to protect it as best we can. Estimated cost to CDPHE over FY17 & 18: $94,810

This tool will help us get computers from door to desk significantly faster than we have in the past. Historically, we have taken between five and six months on average to roll out a batch of computer upgrades. With this tool and the process improvements we are already working on we hope to get this down to 60 days. Estimated cost to CDPHE in FY17: $147,153

Top IT Initiatives

Microsoft System Center Configuration Manager (SCCM)

Secure Colorado

11



Bu

sin

ess

Init

iati

ves

Medical Marijuana Registry Rewrite “Green Giant” and Caregiver Registry “Little Sprout”

Perceptive in Vital Records

Health Facilities and Emergency Medical

Services Division (HFEMSD) Systems

Rewrite 1 FY19-FY21

(CIMPLE) Pilot Test1 FY16

12

Create and maintain CDPHE’s Foundational Technology Framework (FTF) to inform the IT plan

X-Ray Test of Google SQL

SharePoint Upgrade1 Version 10 end of extended support

10/2020

Electronic Birth System Rewrite 1

Agency Enterprise Business Intelligence (BI) Tool FY17

Laboratory Information Management System (LIMS) 1 FY17

Document 80% of processes that can be moved from paper to electronic. FY17-FY24

Department-Wide Strategic Plan Performance Tracking Tool

Electronic Health Record (EHR)

Customer Interface Modernization Project for a Lean Environment (CIMPLE)1 FY17-FY21

IT Roadmap Overview



Infr

astr

uct

ure

Ser

vic

es

Improve UPS coverage for IT

equipment

Cubicle Furniture Replacement A2 IT

Remote Access (eVPN) / Anyconnect*

Improve Cooling of IT Equipment spaces

13

vRealize for Server Monitoring*

SolarWinds for Database Monitoring*

SolarWinds - Migrate to this state standard for Network Monitoring

Kronos Upgrade (DPA and OIT) *2

Human Resources Information System (HRIS) *2

Grants Management (CORE)*2

To

ols

OIT

OIT

R

equ

ests

to

b

e V

ette

d

wit

h

CD

PH

E

No

w

Mo

nit

ori

ng

S

CC

M &

IT

AM

Active Directory Integration and IP Address / Subnet revamp*2

IT Asset Management (ITAM) with SCCM for Data Discovery FY17 or FY18

Microsoft System Center Configuration Manager (SCCM); Computer Deployment Process Improvement Tool for DeskSide Support with Multi-Cast support

via Network Team FY16-FY18


Tec

hn

olo

gy

Ev

ents

IT Roadmap Overview



Desk Phone Annual Refresh one-sixth of total equipment each year (VOIP Desk Phones)

Server Infrastructure Refresh one-fifth of total equipment each year *2 (CDPHE, eFORT and eventually 6th and Kipling as well)

Cisco Prime Network Monitoring: maintain to realize prior investment

Workstation Annual Refresh one-quarter of total workstation equipment each year (desktop / laptop, mobile, WiFi, printers, scanners, projectors, plotters, MS Office and a

variety of semi-standard software like Adobe pro, Visio, etc...)

14

VoIP Phone System Upgrade @ Lab

VoIP phone system upgrade @ Main

Campus

Employee wireless in addition to Guest Wireless (Related to decommission of Direct Access to

save money on MS Windows Licenses)

Replace Cabling to workstations 2 FY19 or FY20

Universal Access Gateway (UAG) Employee Portal -

Upgrade (Extended Support ends 4/14/2020)

Retire CDPHE’s Instance of Virtual Desktop Infrastructure (VDI) due to lack of available OIT

support. Meeting business needs with a variety of other, supported, tools

Replace network cables between buildings on main campus and upgrade patch panel cabling in each network closet.

Mo

nit

ori

ng

P

ho

ne

VD

I, D

irec

t A

cces

s, U

GA

C

abli

ng

Infr

astr

uct

ure

Ser

vic

es

Tec

hn

olo

gy

Ev

ents

Network Equipment Infrastructure Refresh one-fifth of total equipment each year *2 (CDPHE and eFORT, Eventually 6th and Kipling as well)

On

go

ing

Eq

uip

men

t R

efre

sh

IT Roadmap Overview



Move servers and storage from CDPHE equipment at E-Fort to vBlock at eFORT

Environmental Alarms in A2 Server Room and Network Closets

Create Physical Servers, as needed (Domain, Print, Phone, SCCM) to

support main campus once all other servers move to eFORT

Move remaining Servers from CDPHE Main Campus to Vblock at E-Fort

15

Network Redundancy to accommodate remote data centers

Create Physical Servers, as needed (Domain, Print, Phone, SCCM) to

support main campus once all other servers move to eFORT

Convert Main Campus Server Room into Workstation Imaging and Active Storage Space

Dedicated Network Line from CDPHE

Main Campus to 6th and Kipling for

Disaster Recovery 1

DR Plans and supporting infrastructure for Business Priority

Applications

Disaster Recovery (DR) Plans and supporting infrastructure for Essential and Critical

Applications

10GB Dedicated Network Line from CDPHE Main Campus to eFORT as a result of Data Center

Consolidation

Infr

astr

uct

ure

Ser

vic

es

Tec

hn

olo

gy

Ev

ents

Research Insurance Coverage for IT equipment damaged by water etc.. and document process.

Dat

a C

ente

r C

on

soli

dat

ion

an

d D

isas

ter

Rec

ov

ery

Wireless network in Grand Junction

Office

Phone System changes in Grand

Junction Gra

nd

Ju

nct

ion

IT Roadmap Overview



16

Network Equipment Infrastructure Refresh one-third of total equipment each year *2 (CDPHE and eFORT, eventually 6th and Kipling as well)

Server Infrastructure Refresh one-third of total equipment each year *2 (CDPHE, eFORT and eventually 6th and Kipling as well)

Desk Phone Annual Refresh one-sixth of total equipment each year (VOIP Desk Phones)

Windows 10 Upgrade- begin by 01/01/16 to plan ahead for 01/14/20 end of extended support for Win 7

Workstation Annual Refresh one-fourth of total workstation equipment each year (desktop / laptop, mobile, WiFi, printers, scanners, projectors, plotters, MS Office and a

variety of semi-standard software like Adobe pro, Visio, etc...)

Windows [next] upgrade - (Win 10 end of extended

support: 10/14/25

Windows 2003 and older Servers - Upgrade (including related application updates)

On

go

ing

Eq

uip

men

t R

efre

sh

Win

do

ws

Infr

astr

uct

ure

Ser

vic

es

Tec

hn

olo

gy

Ev

ents

OIT

-In

itia

ted

Req

ues

ts t

hat

nee

d t

o

be

Vet

ted

wit

h C

DP

HE

Two-Factor Authentication *2

BackUp Colorado Phase II*2

CIS Hardening *2


Single Sign-on *2

GIS Coordination*2

rCORE Accounts Receivable Module *

Financial Overview


Applications - - $3,600,000 $1,000,000 $1,000,000

Tools - - $31,859 $8,222 $8,222


OIT Pending FY17 Decision Items - $1,907,935 $1,335,273 $1,150,000 $1,150,000

Total Unfunded* $0 $1,907,935 $5,435,132 $3,128,222 $2,538,839

● Technology debt & long-term cost ● Security vulnerabilities ● Maintenance


Below is a summary of the estimated unfunded components of CDPHE’s technology roadmap. Detailed breakdown can be found in Appendix B.


17

CDPHE’s Unfunded Technology Outlook

* For context, CDPHE’s FY14 total IT spend was $12,793,872

Financial Overview

Common Policy $8,998,555 $7,396,406 $8,998,555 $8,998,555 $8,998,555

FY16 R-1 OIT DI $226,656 $214,231 Unknown Unknown Unknown

FY16 R-6 OIT DI $508,200 $268,200 $268,200 $268,200 $268,200

IT Indirect $661,219 $661,219 $661,219 $661,219 $661,219

TOTAL FUNDED $10,394,630 $8,540,056 $9,927,974 $9,927,974 $9,927,974

Below is a summary of the estimated funded components of CDPHE’s Technology Roadmap.


18

CDPHE’s Funded Technology Outlook

FY16 OIT R-1 DI Ongoing replacement of network equipment every five years so it doesn’t become obsolete, fail or cause compatibility issues. CDPHE originally wrote this into R-6 above but OIT budget team required that the money be part of the Infrastructure Refresh DI. Right now, CDPHE is only guaranteed FY16 and FY17 funding from the money from the R-1 DI resulting in unknown funding for FY18-20. FY16 R-6 OIT DI Joint CDPHE/OIT Decision Item written in FY15 for FY16 and beyond to provide funds to pay for: 1. Setup of dedicated high-speed network line between the CDPHE main campus and effort in

FY16 and maintenance going forward 2. SmartNet warranty coverage for Cisco Network equipment is a large, recurring annual bill

not successfully covered with existing IT indirect budget 3. Ongoing uninterruptible power supply (UPS) maintenance and battery replacement IT Indirect This budget is managed by the CDPHE IT Director in coordination with CDPHE’s IT Steering Committee leads. It is the only money available to purchase computers for OIT staff who support CDPHE, pay for multi-media equipment in department-shared conference rooms, etc. This budget is already mostly taken up each fiscal year with recurring bills like CommVault, phone system support, office supplies, printer toner, conference call licenses, Oracle maintenance, very minimal training, some basic tools for developers, form creation software, air conditioning maintenance, server/network closet cleaning, hard drive shredding and minimal travel expenses. With OIT’s matrix-management org structure and very little direct reporting authority to Agency IT Directors, this IT indirect budget is the only tool the IT Director at CDPHE has to influence certain events in a significant way.

Glossary & Acronyms






Agency Enterprise Business Intelligence (BI) Tool

CDPHE is currently doing a pilot test of Tableau. OIT is interested in the outcome of this test. The Business Technology Team (BTT) is involved in the project and will report findings from the test to key staff at OIT.





CIMPLE CIMPLE is the Customer Interface Modernization Project for a Lean Environment.


CORE CORE is the Colorado Operations Resource Engine (CORE) accounts receivable module.

19

Glossary & Acronyms

EHR EHR is the Electronic Health Records project.

Electronic Birth Record System

This system track births throughout Colorado. It is called the Colorado Vital Information System (COVIS).

Endpoint Encryption


Enterprise Wireless

The Enterprise Wireless project will make secure wireless Internet accessible to all OIT customers. Implementing wireless Internet accessibility responds to the needs of our customers for a basic and expected business service. This project was an OIT FY16 decision item that is billed back to the agencies based on FTE.


Federal Tax Information (FTI)

The State is responsible for protecting Federal Tax Information.


HFEMSD Health Facilities and Emergency Medical Services Division Systems. This is the division of CDPHE that regulates health care facilities and certifies Emergency Medical Technicians.





Infrastructure Refresh is an ongoing effort to institute an IT Network, Systems Infrastructure, and Voice Services refresh programs. This project was an OIT FY16 decision item that is billed back to the agencies based on FTE and server count.

IRT IRT is an Intensive Residential Treatment.

ISP ISP is the parolee Intensive Supervision Program.

Glossary & Acronyms

IT Asset Management (ITAM)

ITAM records and tracks detailed hardware and software inventory information.

LIMS LIMS is the Laboratory Information Management System

Medical Marijuana Registry (MMR)

Medical Marijuana Registry (MMR), also called the Green Giant. A custom, agency-specific application that is being replaced with COTS. This system tracks everyone in Colorado who has a Medical Marijuana ID Card.



Perceptive Electronic Records Management System that will eventually be in place for the Health Divisions of CDPHE starting with Vital Records. The environment divisions have used HP Records Manager, formerly called Trim for years and will continue to us use it into the future.

Performance Tracking tool

Performance Tracking tool is a department-wide strategic planning tool.

Personally Identifiable Information (PII)

The State is the responsible for protecting PII.


VDS is the Virtual Directory Abstraction Layer.




Glossary & Acronyms

SharePoint Upgrade

CDPHE currently runs Microsoft SharePoint 2007 and are upgrading to version 2010. We use this system for a variety of business needs from posting document to our Intranet to processing complex workflows.

SmartNet Coverage

SmartNet Coverage is a network server for UCS hosts at eFORT.

Systems Center Configuration Manager (SCCM)

The Systems Center Configuration Manager (SCCM) allows administrators to manage large groups of Windows-based computer systems. SCCM helps deskside administrators to provide their users with operating systems, applications, and updates virtually. Currently there are implementation efforts moving across seven agencies. At DOC, this was implemented to replace Novell Zenworks for asset management, patch management and software deployment. Yearly cost will be offset by savings from Novell and AMP retirement.


UAG UAG is a Microsoft Universal Access Gateway Employee Portal. This effort is to upgrade. Microsoft extended support ends April 14, 2020.

UPS Uninterruptible Power Supply provides battery backup when the electrical power fails or decreases.

VDI Retire CDPHE’s Instance of Virtual Desktop Infrastructure (VDI) due to lack of available OIT support. Meeting business needs with a variety of other, supported, tools.

VoIP Voice over IP is voice communications over the internet protocol (IP) networks (i.e., IP telephony).

vRealize VMware vRealize Hyperic monitors operating systems, middleware and applications running in physical, virtual and cloud environments. It is a component of VMware vRealize Operations.

Wireless Project

Implement employee and guest wireless. Decommission Microsoft’s Direct Access, which will eliminate cost of licenses and maintenance.

WYSE Virtualization

This is a WYSE virtual environment used in the offender labs.

Appendix A


usi

nes

s A

pp

s

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols




Backup Colorado

Enterprise Wireless



24 x 7 Service Desk




CORE

HRIS






Single Sign-On



Endpoint Encryption

23


Appendix B



Below is an itemized summary of the estimated unfunded components of CDPHE’s technology outlook.


SharePoint Upgrade - - $1,100,000 - -

HFEMSD Systems Rewrite - - $1,000,000 $1,000,000 $1,000,000

Electronic Birth System Rewrite - - $1,500,000 - -

Total Unfunded Apps $0 $0 $3,600,000 $1,000,000 $1,000,000

Notes & Assumptions

24

Unfunded Tools

Active Directory Integration and IP Address / Subnet revamp

- - TBD TBD TBD

IT Asset Management (ITAM) with SCCM- Data Discovery FY17 or FY18

- - TBD - -

Database Monitoring (SolarWinds) - - $31,859 $8,222 $8,222

Human Resources Information System - - TBD TBD TBD

Kronos - - TBD TBD TBD

Total Unfunded Tools $0 $0 $31,859 $8,222 $8,222

•Estimates based on initial quote/vendor information and/or past initiatives, and are subject to change.

•No Enterprise Agreement currently in place for Microsoft; therefore cost is incurred for upgrades and support. At CDPHE, divisions pay for this by purchasing a Microsoft Office License with each workstation purchased.

•End user equipment - assume current funding sources for upgrades and refreshes are sufficient whether using the current OEM model or the Microsoft services model;

•CDPHE existing IT Indirect Operating Dollars remain in place

Appendix B




Phone system Upgrade / Switch to Hosted Model - - $240,000 $240,000 $240,000

Disaster Prevention / Recovery - - $178,000 $80,000 $80,000

Network Bandwidth- CDPHE and Remote Sites - - $50,000 $50,000 $50,000

IT Infrastructure Upgrades Cabling to Workstations - - - $600,000 -

Single Sign-on - - TBD TBD TBD

Bomgar Infrastructure (eVPN) - - - - $10,617


* Decision Item cost allocation is absorbed into Common Policy after the first two years; Once absorbed into Common Policy, different and pending rates may apply. A Capital Development Request B Planning and emergency supplemental 25

Appendix B



* Decision Item cost allocation is absorbed into Common Policy after the first two years; Once absorbed into Common Policy, different and pending rates may apply. A Capital Development Request B Planning and emergency supplemental

26

Unfunded (Pending) FY17 Decision Items

CDPHE- Initiated

Laboratory Information Management system (LIMS)

- $515,972 A $90,771 - -

CIMPLE (FY17-FY21) - $1,150,000 B $1,150,000 B $1,150,000 B $1,150,000 B

OIT- Initiated

Advanced Security Analytics / Threat Discovery (Secure Colorado Part A)

- $42,403* $42,403 * TBD TBD

Identity Management (Secure Colorado Part B) - $52,407 $52,099 TBD TBD

Enterprise Tools (End User Config/SCCM) - $147,153 TBD TBD TBD

Total Unfunded (Pending) Decision Items $0 $1,907,935 $1,335,273 $1,150,000 $1,150,000

Total Unfunded Items $0 $1,907,935 $5,435,132 $3,128,222 $2,538,839

Department of Public Health and Environment



Department of Public Safety



Table of Contents

2


Roadmap Goals

3


and refresh





selection



provided by vendors




and desktop groups




horizon


3



• Decisions related to major CDPS initiatives/projects may alter this plan (e.g. equipment and infrastructure refreshes).

• Infrastructure needs to be maintained for CJIS/HIPAA/PII compliance • Estimates based on initial quote/vendor information and/or past initiatives and

subject to change.

• Four-year work station refresh schedule.

• Assume infrastructure seven-year refresh schedule (servers, network equipment, etc.).

• Application reprocurement five-year schedule.



Assumptions

4


CDPS is made up of five divisions: the Colorado Bureau of Investigation (CBI), Colorado State Patrol (CSP), Division of Criminal Justice (DCJ), Division of Fire Prevention and Control (DFPC), and the Division of Homeland Security and Emergency Management (DHSEM).



service



applications





5

Technology lifecycles are much shorter than the CDPS business cycle; therefore, planning technology changes to fit CDPS’s business initiatives is one way to help improve business.

CDPS’s mission is to be an organization of “engaged employees working together to provide diverse public safety services to local communities and safeguard lives.” This page highlights the overarching objectives that CDPS identified in their annual performance plan that will have the biggest impact in achieving their mission.

Business Objectives

#1- The Executive Director’s Office fundamental charge is to provide effective service to the Department’s operating divisions

#2- The CBI’s Identification Section is the state repository for criminal history information.

#3- The Colorado State Patrol’s fundamental statutory charge is to facilitate the safe and efficient movement of all motor vehicle traffic and to help motorists in need of assistance.

6

● Continue to support and manage the IT systems that support the basic business and law

enforcement functions of CDPS ● Implement a Time and Leave Balance Management System (Kronos) - long range plans

include rolling this into the state’s Human Resources Information System ● Implement the state’s Human Resource Information Management System as provided by

DPA ● Implement Learning Management, Identity Management and Certifications systems ● Implement the top nine SANS 20 Critical Security Controls to ensure the safety and

security of CDPS systems and data

● Continue to support and manage the Colorado Crime Information Center (CCIC),

Automated Fingerprint Information System (AFIS), the CBI Investigations Case Management (ACISS) system, and the Laboratory Information Management System (LIMS)

● Working with CBI and CDPS management, initiate a capital funding request to replace the CCIC system by FY18; the CCIC system needs to be replaced in FY21

● Implement the new Port of Entry Business System ● Continue to support the Computer-Aided Dispatch System ● Implement the new CSP Records Management System and e-Citation system

Top IT Initiatives

Below are a few of the highest priority CDPS technical initiatives that are being undertaken over the next five years. Timelines for these initiatives are represented on the IT Roadmap Overview. Maintain and Refresh CDPS Blade Server/ Storage Area Network Environment

CSP Records Management System

7

Kronos Implementation

2-Factor Authentication Implementation

● The CDPS blade server/ storage area network environment provides robust,

redundant systems processing and storage for numerous CDPS applications ● The environment was implemented in FY15 and needs to be refreshed in FY18 - FY20

to assure continuous operation of the system; the original system was funded using divisional operating budgets; it is assumed that the refresh of the environment will be funded in the same manner

● The CSP Records Management System is used by State Troopers to capture information

about daily activities, such as traffic stops, driver contacts, traffic citations, accident reporting. The information captured in this system is used by CSP Command Staff in force management and planning, as well as federal and state reporting requirements

● System procured by competitive bid in FY14 and is expected to be implemented in 2016 ● Funding for the implementation and maintenance of this system is included in the CSP

operating budgets

● The Kronos time and leave balance management system provides CDPS with tools to

manage member’s leave balance, activity and time reporting, and force scheduling ● The system will be implemented in FY16 and FY17 ● Funding for the Kronos system was provided in an FY15 Decision Item

● 2-Factor Authentication is an advanced system authentication protocol that requires

two forms of credentials to log into a system - something you know (a password) and something you have (a key-fob or a fingerprint scanner)

● 2-Factor Authentication is required by the FBI on all systems that contain CJIS data ● CSP Troopers are the main users of this system ● This is an unfunded project at this time



Init

iati

ves

Infr

astr

uct

ure

S

erv

ices

T

oo

ls

Bu

sin

ess

Init

iati

ves

Kipling Campus /EOC Network

Refresh



eFORT Network Refresh

Blade Server/SAN Refresh*

Wireless System Refresh/Upgrade




8

2-Factor Authentication 1*

Tec

hn

olo

gy

Ev

ents

Port of Entry Virtual Weigh Station

Initiate CAD Reprocurement

EOC Backup Data Communications Link

EOC Telephone System Upgrade

CCIC Reprocurement

CBI CODIS Virt.

Kronos Implementation

CSP Records Management System

CSP e-Citation Kipling Campus Telephone

System Upgrade

Port of Entry Business System

CBI Ident/InstaCheck CORE Interface

CDPS Learning Management System

DCJ CVCDMEP System

CDPS Secure Notification System

DCJ CORE GMS System

CCIc Oracle

Upgrade

DCJ Zoomigrants System

CBI 710 Kipling Relocation CBI Labs - Arvada

Relocation

CBI SDDS

Financial Overview


Tools - $100,000 - - -

Applications - - $12M-15M $15M




$719,499 $12.3M- $15.3M

$196,000 $16M



Below is a summary or the estimated unfunded components of CDPS’s technology roadmap. A detailed breakdown can be found in Appendix B.


9

CDPS’s Unfunded Technology Outlook

*For context, CDPS’s FY14 total IT spend was $20,510,901 1No supplementals have been requested; this total represents the technology debt that CDPS is acquiring in FY16

Glossary & Acronyms












10

Glossary & Acronyms

Enterprise Wireless




HIPAA Health Insurance Portability & Accountability Act of 1996; which requires the state to protect patients’ medical information.










Appendix A


usi

nes

s A

pp

s

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols




Backup Colorado

Enterprise Wireless



24 x 7 Service Desk




CORE

HRIS






Single Sign-On



Endpoint Encryption

12


Appendix B



Below is an itemized summary or the estimated unfunded components of DPA’s technology outlook.

1 Secure Colorado Part A - This is a mandatory service totaling $1 million allocated to departments based on Department appropriated FTE. This is new spending authority and new revenue submitted via decision item. OSPB is setting aside some General Fund to provide to departments to offset the billing but interested entities must work directly with Andrea Day. 2 - Secure Colorado Part B - This is the second part of Secure Colorado which totals $1.25 million not included in the Decision Item and provided via existing departmental resources. The FY17 Common Policy billings will increase to accommodate the security needs. This is an optional item. 3 - Niche Record Management System Application Support Member - this Decision Item was submitted to the OSPB to include this new member as an FTE in Common Policy, to be funded by the CSP Operating Budget. At the time of this document publication, this DI has not been approved , so this item is considered unfunded at this time.

13


CCIC Reprocurement Request - - $12-15M - -

Initial CAD Reprocurement Request2 - - - - $15M

Total Unfunded Tools $0 $0 $12M - $15M $15M


Advanced Security Analytics/ Threat Discovery (Secure CO Part A)1

- $56,799 $56,799 TBD TBD

Identity Management (Secure CO Part B)2 - $70,200 $69,788 TBD TBD

Niche Record Management System Application Support

Member3 - $158,873 $135,574 TBD TBD

Total Unfunded (Pending) Decision Items $0

$126,999 $126,676 $0 $0

Unfunded Tools

2-Factor Authentication - $100,000 - - -

Total Unfunded Tools $0 $100,000 $0 $0 $0

Appendix B




Wireless System Upgrade and Refresh - $330,000

Blade Environment Refresh1 $40,000 $22,500 $196,000 $196000 $893,000

CSP CAD Comm Center Switch Upgrade $120,000

CCIC Storage Upgrade TBD

CBI Grand Junction Switch/Router $10,000

CDPS Switch/ Router/ Firewall Upgrade TBD

CDPS eFORT Switch/ Router/ Firewall Upgrade TBD

CSP - Camp George West -upgrade router $10,000

CSP - Camp George West -upgrade switches $72,000

CSP Camp George West switches - new modular

buildings

$9,200

CSP Camp George West - internal fiber wiring TBD

DHSEM EOC - Upgrade Switches placed in 2013 TBD

DHSEM EOC - Upgrade Switches placed in 2014 $84,000


14

Total Unfunded Items $121,200 $719,499 $12.3-15.3 M $196,000 $16M

1 The Blade Environment Refresh project was funded in FY13-FY14 using Division's operating budgets; the funding of the refresh of the Blade Environment using division's operating budgets needs to be confirmed. 2 CSP CAD will be approaching 10 years in FY20 - a decision needs to be made at that time whether to continue using the Motorola CAD system or purchase a new CAD system.

Department of Public Safety



Department of Transportation


Roadmap Goals Assumptions Aligning Technology with Business Objectives Business Objectives Top IT Initiatives IT Roadmap Overview Financial Overview Glossary and Acronyms Appendix A: Statewide Initiative Roadmap Appendix B: Unfunded Event Breakdown

Table of Contents

2


Roadmap Goals

3


and refresh





selection



provided by vendors




and desktop groups




horizon


3

•Major agency project decisions may alter this plan (e.g. equipment and infrastructure refreshes).

•Infrastructure and security needs will be maintained for FTI/HIPAA/PII/FBI compliance.

•Cost estimates are based on initial quote/vendor information and/or past initiatives are subject to change.


•Enterprise or Support Agreement currently not in place for Microsoft; therefore, cost is incurred for upgrades and support of infrastructure and end-user equipment, being mindful of CDOT’s existing agreement with Microsoft.

•Existing telecommunications system remains in use, but may be subject to replacement in the next two years.

•Continual use of SAP for the foreseeable future as the primary business tool.

•Need to remain flexible as CDOT moves to a design-build location.

•Assume three-year work station refresh schedule.

•Current levels of IT support remain unchanged regardless of staffing .

•Five-year application reprocurement schedule.


Assumptions

4



service



applications





The Colorado Department of Transportation (CDOT) is responsible for long range transportation planning in Colorado. CDOT coordinates the multi-modal planning efforts of all 15 Transportation Planning Regions (TPRs) in Colorado consisting of five metropolitan planning areas (MPOs) and 10 non-metropolitan regional TPRs.


5

Technology lifecycles are much shorter than the CDOT business cycle; therefore, planning technology changes to fit CDOT’s business initiatives is one way to help improve business.

CDOT’s mission is to “provide the best multi-modal transportation system for Colorado that most effectively and safely moves people, goods and information.” This page highlights the overarching objectives that CDOT identified in their annual performance that will have the biggest impact in achieving their mission.

Business Objectives

#1- Move Colorado to Zero Traffic-Related Deaths

#2- Attain 80% High or Moderate Highway Drivability Life

CDOT has an ethical responsibility to deliver safety programs. Through infrastructure projects and campaigns to influence public behavior, the Department plays an instrumental role in ensuring that roads, bridges, tunnels and other infrastructure statewide are safe for the traveling public. Through safety-specific infrastructure projects, data-driven safety-education programs, monitoring and analyzing crash data, and a number of other strategies, CDOT strives to reduce fatalities by 12 per year, from 548 in 2008 to 344 in 2025.

Drivability Life is an indication in years of how long a stretch of highway will have acceptable driving conditions. Acceptable driving condition is a function of smoothness and safety, as determined by the amount of pavement cracking and depth of rutting. Pavement with High Drivability Life is expected to have acceptable driving conditions for more than 10 years. Drivers navigating pavement in “unacceptable” condition may need to endure rough rides; reduce speeds to safely navigate around potholes, deteriorating shoulders and other types of pavement damage; or otherwise compensate for deteriorating conditions. CDOT plans to achieve 80% high or moderate highway drivability life by 2025 by Increasing preventive maintenance on pavements, prioritizing Interstates and High- and Medium-Volume roadways over other roadways when selecting surface treatment projects, and increasing the annual miles of roadway treated.

6

CDOT is currently involved in the process of fundamentally changing the way it runs its business from the inside through a project known as “Program & Cash Management”. This is a multi-year, multi-million dollar project that OIT has been involved in from its inception. In the new “operational” plan, CDOT can better manage projects, financial objectives, vendors and the disperse CDOT divisions through on operational team utilizing Software (Project management), subject matter experts and the Leadership. This will reduce the time it takes to complete many of CDOT’s projects.

Within the next 18 months (Starting September 1, 2014) CDOT will locate land, build a new HQ Building and relocate the HQ and Region 1 staff/facilities to this new location. CDOT sees the value of their present locations to be better suited for redevelopment while building a “purpose-built” facility designed for CDOT related activities.

Top IT Initiatives

Below are a few high priority CDOT technical initiatives that are being undertaken over the next five years. Timelines for these initiatives are represented on the IT Roadmap Overview.

CDOT HQ/ Region 1 Relocation

Program & Cash Management

I 70 Viaduct Project

This project is still in the planning phases but when completed, the section of I-70 that runs between I-25 and Quebec Street known as the “Viaducts” will be replaced with High Speed options, neighborhood enhancements and a safer, more structurally sound “roadway.” This project is expected to cost over a billion dollars and last 3 to 5 years.

7

IT Roadmap Overview



Init

iati

ves


DTRS Towers? 2

Review Phone/ MIPC Options

Evaluation of Azure

Bu

sin

ess

Ap

ps

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols

Bu

s. I

nit

iati

ves

Single Sign-on*

HRIS/ SAP Success Factors


Highway Safety Program

Program/ Cash Mgmt (Aurigo)

New CDOT HQ Build


Evolution of Cloud Services

I-70 Viaduct Project



Program/Cash Mgmt

SAP/ CORE Evolution1


8

Financial Overview


● Technology debt and long-term cost

● Security vulnerabilities ● Maintenance

CDOT’s Funded Technology Outlook

Below is a summary or the estimated unfunded components of CDOT’s technology roadmap. Detailed breakdown can be found in Appendix B.


Tools - - - - -


Infrastructure Services - - - - -

OIT Pending FY17 Decision Items - $244,634* $243,8422 TBD TBD

Total Unfunded (Agency will manage)

$0 $244,634* $243,8422 $0 $0


1 CDOT is Cash Funded therefore an IT Budget is established for each FY. New and existing initiatives are funded through that budget. This includes all projected costs for OIT allocations and projected fixed IT related costs. 2 All unfunded items listed above will be “funded” through CDOT funding sources if required and not future legislative requests.

IT Projects & Initiatives1 $33,800,000 $33,800,000 $33,800,000 $33,800,000 $33,800,000


9

CDOT’s Unfunded Technology Outlook

Glossary & Acronyms







Aurigo Aurigo Software Technologies is the vendor solution selected for the program, project, and cash management system.

Azure Microsoft Cloud Service

Backup Colorado Phase II Backup Colorado Phase II will identify and implement a single backup and recovery solution for all critical applications supported by OIT. This project was an OIT FY16 Decision Item that is billed back to the agencies based on CSN circuits and servers being hosted and housed by OIT.


10

Glossary & Acronyms


DTRS Digital Trunked Radio System, a computer-controlled two-way radio system that allows sharing of relatively few radio frequency channels among a large group of users










Glossary & Acronyms

Network/Database Monitoring Tool Implementation (Solarwinds)

Solarwinds is a system that monitors IT infrastructure such as networks and servers, and can identify performance problems that could affect user access to applications. Solarwinds can automatically respond in various ways, from simply notifying support staff via email or text message, to even initiating actions such as rebooting devices. OIT is currently deploying Solarwinds across all of our supported agencies. The initial deployment will monitor network segments and devices only, and eventually we will configure it to monitor servers and applications.



Appendix A

Statewide Initiative Roadmap


Bu

sin

ess

Ap

ps

Tec

hn

olo

gy

Ev

ents

Infr

astr

uct

ure

Ser

vic

es

To

ols




Backup Colorado

Enterprise Wireless



24 x 7 Service Desk




CORE

HRIS






Single Sign-On



Endpoint Encryption 13



Below is an itemized summary of the estimated unfunded components of CDOT’s technology outlook.



- $109,411 $109,411 -1 -1



$0

$244,634

$243,842

Total Unfunded Items $0 $244,634* $243,842* $0 $0

1Decision Item cost allocation is absorbed into Common Policy after the first two years; once absorbed into Common Policy, different and pending rates may apply. * All unfunded items listed above will be funded through CDOT funding sources if required and not future legislative requests. 14

Department of Transporation


five-year it roadmap - colorado.gov five year... · mipc vs. cisco discussion . network ... mipc...

Documents